CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
95.7%
Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server (RLKS) 8.0 through 8.1.2 allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-4135.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | rational_license_key_server | 8.0 | cpe:2.3:a:ibm:rational_license_key_server:8.0:*:*:*:*:*:*:* |
ibm | rational_license_key_server | 8.1 | cpe:2.3:a:ibm:rational_license_key_server:8.1:*:*:*:*:*:*:* |
ibm | rational_license_key_server | 8.1.1 | cpe:2.3:a:ibm:rational_license_key_server:8.1.1:*:*:*:*:*:*:* |
ibm | rational_license_key_server | 8.1.2 | cpe:2.3:a:ibm:rational_license_key_server:8.1.2:*:*:*:*:*:*:* |
ibm | rational_license_server | 7.0 | cpe:2.3:a:ibm:rational_license_server:7.0:*:*:*:*:*:*:* |
ibm | rational_license_server | 7.1 | cpe:2.3:a:ibm:rational_license_server:7.1:*:*:*:*:*:*:* |
ibm | rational_license_server | 7.5 | cpe:2.3:a:ibm:rational_license_server:7.5:*:*:*:*:*:*:* |
ibm | telelogic_license_server | 2.0 | cpe:2.3:a:ibm:telelogic_license_server:2.0:*:*:*:*:*:*:* |
kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Q200975&sliceId=1
secunia.com/advisories/47522
secunia.com/advisories/47524
www.flexerasoftware.com/pl/13057.htm
www.ibm.com/support/docview.wss?uid=swg21577760
www.securityfocus.com/bid/49191
www.zerodayinitiative.com/advisories/ZDI-11-272/
exchange.xforce.ibmcloud.com/vulnerabilities/71739