IBM AIX/VIOS 7.2/7.3 denial of service

Summaryinfo

A vulnerability, which was classified as problematic, has been found in IBM AIX and VIOS 7.2/7.3. Impacted is an unknown function. This manipulation causes denial of service. This vulnerability appears as CVE-2023-45172. The attack requires local access. There is no available exploit. It is advisable to upgrade the affected component.

Detailsinfo

A vulnerability classified as problematic was found in IBM AIX and VIOS 7.2/7.3 (Operating System). Affected by this vulnerability is an unknown functionality. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability. The summary by CVE is:

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service. IBM X-Force ID: 267970.

The weakness was presented 12/20/2023. The advisory is shared at ibm.com. This vulnerability is known as CVE-2023-45172 since 10/05/2023. Neither technical details nor an exploit are publicly available.

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at X-Force (267970). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Type

• Operating System

Vendor

• IBM

Name

• AIX
• VIOS

Version

• 7.2
• 7.3

License

• commercial

Website

• Vendor: https://www.ibm.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion