Privilege Escalation Flaw in IBM Security AppScan and Rational Policy Tester
CVE-2013-0513

Currently unrated

Key Information:

Vendor: IBM
Status: Security Appscan
Vendor: CVE Published:; 29 March 2013

Summary

A vulnerability exists in IBM Security AppScan Enterprise and IBM Rational Policy Tester due to a failure to properly handle unquoted service paths. This shortcoming allows local users to potentially execute a Trojan horse program with elevated privileges. The issue primarily arises from the absence of quotes around service paths, enabling malicious actors to exploit this flaw for unauthorized access.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21631304

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/82594

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21626264

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 29, 2013
Vulnerability Reserved
Dec 16, 2012