PT-2021-12211 · Ibm · Aix+2

Published

2021-01-19

Updated

2021-08-31

CVE-2020-4887

CVSS v3.1

6.2

Medium

Vector

C:N/I:H/AC:L/AV:L/A:N/S:U/PR:N/UI:N

Name of the Vulnerable Software and Affected Versions IBM AIX versions 7.1 through 7.2 AIX VIOS version 3.1

Description The issue allows a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory.

Recommendations For IBM AIX versions 7.1 through 7.2, consider restricting access to the gencore user command until a fix is available. For AIX VIOS version 3.1, restrict the use of the gencore user command to prevent exploitation. As a temporary workaround, consider disabling the gencore user command until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-4887

Affected Products

Aix

Aix Vios

Ibm Aix

PT-2021-12211 · Ibm · Aix+2

CVE-2020-4887

Related Identifiers

Affected Products

References · 7