Vulnerability in Ibm Sterling_connect
CVE-2013-2989
The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on AIX 6.1 through 7.1 uses incorrect privileges, which allows local users to bypass filesystem read permissions and write permissions by leve…
EPSS: 0.003 (23.5th percentile) — read the EPSS interpretation.
Affected products
- Ibm Sterling_connect — versions 3.8.00, 4.0.00, 4.1.0.0
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@us.ibm.com (vendor-advisory, x_refsource_AIXAPAR)
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
- psirt@us.ibm.com (vdb-entry, x_refsource_XF)