CVE-2012-4817

The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
ibmvios
1.4.1.2
ibmvios
1.5.1.1
ibmvios
1.5.2.1
ibmvios
1.5.2.6
ibmvios
2.1.0.0
ibmvios
2.1.2.10
ibmvios
2.1.2.12
ibmvios
2.1.2.13
ibmvios
2.1.3.10
ibmvios
2.2.0.10
ibmvios
2.2.0.11
ibmvios
2.2.0.12
ibmvios
2.2.0.13
ibmvios
2.2.1.0
ibmvios
2.2.1.1
ibmvios
2.2.1.3
ibmvios
2.2.1.4
ibmaix
5.3
ibmaix
6.1
ibmaix
7.1
𝑥
= Vulnerable software versions
References
http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc
http://osvdb.org/85427
http://secunia.com/advisories/50619
http://www.ibm.com/support/docview.wss?uid=isg1IV10327
http://www.ibm.com/support/docview.wss?uid=isg1IV11629
http://www.ibm.com/support/docview.wss?uid=isg1IV12169
http://www.ibm.com/support/docview.wss?uid=isg1IV17855
http://www.ibm.com/support/docview.wss?uid=isg1IV26436
http://www.securityfocus.com/bid/55546
http://www.securitytracker.com/id?1027531
https://exchange.xforce.ibmcloud.com/vulnerabilities/78431
http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc
http://osvdb.org/85427
http://secunia.com/advisories/50619
http://www.ibm.com/support/docview.wss?uid=isg1IV10327
http://www.ibm.com/support/docview.wss?uid=isg1IV11629
http://www.ibm.com/support/docview.wss?uid=isg1IV12169
http://www.ibm.com/support/docview.wss?uid=isg1IV17855
http://www.ibm.com/support/docview.wss?uid=isg1IV26436
http://www.securityfocus.com/bid/55546
http://www.securitytracker.com/id?1027531
https://exchange.xforce.ibmcloud.com/vulnerabilities/78431