AIX 6.1 / 7.1.2 / 7.1.3 : IBM PowerHA SystemMirror CSPOC Privilege Escalation
High Nessus Plugin ID 94674
Synopsis
The remote AIX host is missing a security patch.
Description
The remote AIX host is running a version of IBM PowerHA SystemMirror that is missing a security patch. It is, therefore, affected by a privilege escalation vulnerability in the Cluster Single Point of Control (CSPOC) feature that occurs when adding an authenticated, remote user to the list that allows cluster-wide changing of the password. An authenticated, remote attacker who has been added to this list can exploit this issue, via a vulnerable script shipped with the product, to gain root privileges by using a 'su root' action.
Solution
Install the appropriate interim fix according to the vendor advisory.