CVE-2021-38990

Description

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952.

CVSS breakdown

CVSS 3.0

Attack Vector

Local

User Interaction

None

Privileges Required

None

Scope

Unchanged

Availability

High

Attack Complexity

Low

Confidentiality

High

Integrity

High

Unchanged

Changed

Affected products

ibm / aix7.2 – 7.2
ibm / aix7.1 – 7.1
ibm / vios3.1 – 3.1

References

MISChttps://www.ibm.com/support/pages/node/6515496
MISChttps://www.ibm.com/support/pages/node/6538700
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/212952