CVE-2013-5373

CWE-2643 documents3 sources
Severity
6.9MEDIUM
EPSS
0.0%
top 89.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Rational Clearcase
Timeline
PublishedSep 25
Latest updateMay 17

Description

The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

NVDibm/rational_clearcase6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-jwcq-7v6p-m9w6: The RemoteClient component in IBM Rational ClearCase 82022-05-17
CVEList
CVE-2013-5373: The RemoteClient component in IBM Rational ClearCase 82013-09-25
CVE-2013-5373 (MEDIUM CVSS 6.9) | The RemoteClient component in IBM R | cvebase.io