CVE-2011-1384

Published Jan 4, 2012

Last updated 8 years ago

CVSS info 4.0

Overview

Description: The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 6.9
Exploitability score: 1.9
Vector string: AV:L/AC:H/Au:N/C:N/I:C/A:N

Weaknesses

nvd@nist.gov: CWE-59

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36D9F1AD-E4F6-4CDB-8251-280AB3A24AA6",
            "versionEndIncluding": "2.2.0.18"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "917F5D86-1940-4791-A001-9E50B0F25EC3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "523443DB-1392-446E-A849-725BB243FE62"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76A6D2B7-8A8A-45A7-AFB6-7B4E6BA678E0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C6BB23F-C9D7-46D9-B9B5-34246B35A11A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "373D8BF9-B715-44C3-9470-F1D0D423D896"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96B0104F-2901-4A2A-A40D-087181F57A8B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BDA4AAF-6758-407A-BB95-F915D7BF1DD9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B63444E2-2119-45C9-BDB2-A1FB403EE5D4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0932F7A5-A1C1-433D-9885-F4EAD43F46AF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6667E9B-0738-4715-83EC-A37D962E6A21"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E29DE445-5ECE-4B2C-BE6C-5E2D8D33593F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:invscout.rte:2.2.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE45686C-FE4B-42AE-ACDB-6FDF0D3819A0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8CF7BE3C-BC19-4762-9C74-0AF58258A98D",
            "versionEndIncluding": "7.1"
          },
          {
            "criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507"
          },
          {
            "criteria": "cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FD518B94-9CD7-4C45-8766-578CF427B4CF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References