8.5
CVE-2013-3005
- EPSS 2.96%
- Veröffentlicht 06.07.2013 13:57:36
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.96% | 0.854 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.5 | 6.8 | 10 |
AV:N/AC:M/Au:S/C:C/I:C/A:C
|
http://aix.software.ibm.com/aix/efixes/security/tftp_advisory.asc
http://www.ibm.com/support/docview.wss?uid=isg1IV40221
http://www.ibm.com/support/docview.wss?uid=isg1IV42700
http://www.ibm.com/support/docview.wss?uid=isg1IV42932
http://www.ibm.com/support/docview.wss?uid=isg1IV42933
http://www.ibm.com/support/docview.wss?uid=isg1IV42934
http://www.ibm.com/support/docview.wss?uid=isg1IV42935
https://exchange.xforce.ibmcloud.com/vulnerabilities/85366
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19519