CVE Vulnerabilities

CVE-2013-5373

Published: Sep 25, 2013 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands.

Affected Software

Name Vendor Start Version End Version
Rational_clearcase Ibm 8.0.0.5 8.0.0.5
Rational_clearcase Ibm 8.0.0.7 8.0.0.7
Rational_clearcase Ibm 8.0.0.4 8.0.0.4
Rational_clearcase Ibm 8.0.1 8.0.1
Rational_clearcase Ibm 8.0.0.6 8.0.0.6
Rational_clearcase Ibm 8.0.0.3 8.0.0.3

References