Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2012-4845

The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file.

  • Published: Oct 20, 2012
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-4845
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:L/Au:S/C:C/I:N/A:N

CWEs:

Software From Fixed in
ibm / aix 7.1 7.1.x
ibm / aix 6.1 6.1.x
ibm / vios 2.2.1.4-fp-25_sp-02 2.2.1.4-fp-25_sp-02.x