CVE-2013-0513

3 documents3 sources
Severity
7.2HIGH
EPSS
0.1%
top 84.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Rational Policy TesterIBM Security Appscan
Timeline
PublishedMar 29
Latest updateMay 5

Description

IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 create a service that lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program, related to an "Unquoted Service Path Enumeration" vulnerability.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDibm/rational_policy_tester10 versions+9
NVDibm/security_appscan12 versions+11

🔴Vulnerability Details

2
GHSA
GHSA-hmcx-gx3h-rc8r: IBM Security AppScan Enterprise 52022-05-05
CVEList
CVE-2013-0513: IBM Security AppScan Enterprise 52013-03-29
CVE-2013-0513 (HIGH CVSS 7.2) | IBM Security AppScan Enterprise 5.6 | cvebase.io