This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote AIX host is missing a security patch.
The remote AIX host is running a version of IBM PowerHA SystemMirror
that is missing a security patch. It is, therefore, affected by a
privilege escalation vulnerability in the Cluster Single Point of
Control (CSPOC) feature that occurs when adding an authenticated,
remote user to the list that allows cluster-wide changing of the
password. An authenticated, remote attacker who has been added to this
list can exploit this issue, via a vulnerable script shipped with the
product, to gain root privileges by using a 'su root' action.
See also :
Install the appropriate interim fix according to the vendor advisory.
Risk factor :
High / CVSS Base Score : 8.5
CVSS Temporal Score : 6.3
Public Exploit Available : false