Vulnerability Description
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Aix | 6.1 |
| Ibm | Vios | 2.2.0.0 |
Related Weaknesses (CWE)
References
- http://aix.software.ibm.com/aix/efixes/security/bellmail_advisory.ascMitigationPatchVendor Advisory
- http://www.securityfocus.com/bid/94979Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037480
- https://www.exploit-db.com/exploits/40950/
- http://aix.software.ibm.com/aix/efixes/security/bellmail_advisory.ascMitigationPatchVendor Advisory
- http://www.securityfocus.com/bid/94979Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037480
- https://www.exploit-db.com/exploits/40950/
FAQ
What is CVE-2016-8972?
CVE-2016-8972 is a vulnerability with a CVSS score of 7.8 (HIGH). IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.
How severe is CVE-2016-8972?
CVE-2016-8972 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-8972?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Aix, Ibm Vios.