CVE-2013-5373
Published Sep 25, 2013
Last updated 7 years ago
Overview
- Description
- The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_clearcase:8.0.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFE9D77A-6462-461C-B651-FE2A8B239E0D"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearcase:8.0.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFAA6B9C-96ED-4C76-9AEE-2285D29F6DB1"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "571A1E6F-05EC-43CC-9B31-39FEE3C2D173"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearcase:8.0.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0260695E-777E-4A33-BF4E-ABC51D3AA77C"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearcase:8.0.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85321EB9-969F-4A2F-9001-CD7B2988838B"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6873B05A-D699-4337-AA66-5C414F8ED078"
}
],
"operator": "OR"
}
]
}
]