Lucene search

MitreCVE-2011-1561

HistoryApr 05, 2011 - 3:19 p.m.

CVE-2011-1561

2011-04-0515:19:35

CWE-287

mitre

web.nvd.nist.gov

ibm

aix

ldap

security

authentication

vulnerability

remote

attack

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.009

Percentile

82.8%

JSON

The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password.

Affected configurations

Nvd

Node

ibmaixMatch6.1

VendorProductVersionCPE
ibmaix6.1cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	aix	6.1	cpe:2.3:o:ibm:aix:6.1:::::::*

References

aix.software.ibm.com/aix/efixes/security/ldapauth_advisory.asc

secunia.com/advisories/43968

securitytracker.com/id?1025273

www-01.ibm.com/support/docview.wss?uid=isg1IZ97416

www.vupen.com/english/advisories/2011/0836

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.009

Percentile

82.8%

JSON

Related for CVE-2011-1561