Path Traversal in Ibm Rational_software_architect_design_manager

CVE-2013-3043

Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.000 (5.6th percentile) — read the EPSS interpretation.

Affected products

Ibm Rational_software_architect_design_manager — versions 3.0.0, 3.0.0.1, 3.0.1
Ibm Rhapsody_design_manager — versions 3.0.0, 3.0.0.1, 3.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

References

rhapsody-dm-cve20133043-client-dir-trav(84769) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)