IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Spss_statistics | Ibm | 22.0.0.2 (including) | 22.0.0.2 (including) |
| Spss_statistics | Ibm | 23.0.0.2 (including) | 23.0.0.2 (including) |