Vulnerability in Ibm Rational_clearcase

CVE-2013-5373

The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands.

EPSS: 0.000 (10.7th percentile) — read the EPSS interpretation.

Affected products

Ibm Rational_clearcase — versions 8.0.0.3, 8.0.0.4, 8.0.0.5
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
clearcase-cve20135373-priv-esc(86791) (vdb-entry, x_refsource_XF)