Vulnerabilities > CVE-2013-0513 - Unspecified vulnerability in IBM Rational Policy Tester and Security Appscan
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 create a service that lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program, related to an "Unquoted Service Path Enumeration" vulnerability.
Vulnerable Configurations
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21626264
- http://www-01.ibm.com/support/docview.wss?uid=swg21626264
- http://www-01.ibm.com/support/docview.wss?uid=swg21631304
- http://www-01.ibm.com/support/docview.wss?uid=swg21631304
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82594
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82594