Remote authenticated users can gain root access in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 through cluster-wide password-change list vulnerability.

Remote authenticated users can gain root access in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 through cluster-wide password-change list vulnerability.

CVE-2015-5005 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an "su root" action by leveraging presence on the cluster-wide password-change list.

Learn more about our Cis Benchmark Audit For Ibm Aix.