CNNVD-202511-1533 Information
CNNVD ID
CNNVD-202511-1533
Related CVE
- CNNVD Published: 2025-11-13
Description (Chinese)
IBM AIX和IBM VIOS都是美国国际商业机器(IBM)公司的产品。IBM AIX是一款为 IBM Power 体系架构开发的一种基于开放标准的 UNIX 操作系统。IBM VIOS是PowerVm® Editions 硬件功能的一部分。有助于在服务器内的客户端逻辑分区之间共享物理 I/O 资源。 IBM AIX 7.2版本、7.3版本和IBM VIOS 3.1版本、4.1版本存在路径遍历漏洞,该漏洞源于NIM服务器存在目录遍历,可能导致任意文件写入。
Description (English)
IBM AIX and IBM VIOS are products of IBM. IBM AIX is an open standard-based UNIX operating system developed for the IBM Power architecture. IBM VIOS is part of the PowerVm Editions hardware function. Facilitates the sharing of physical I/O resources between client-end logical partitions within the server. IBM AIX version 7.2, version 7.3, and IBM VIOS version 3.1, version 4.1 have path-to-path loopholes, which stem from the existence of a directory on the NIM server and may lead to the writing of any file.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
国际商业机器
Published
2025-11-13
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7251173 https://access.redhat.com/security/cve/cve-2025-36236
Patch
https://www.ibm.com/support/pages/node/7251173
Share on: