N/A

IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 create a service that lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program, related to an "Unquoted Service Path Enumeration" vulnerability.

N/A

N/A

多款IBM产品设计错误漏洞

IBM Rational Policy Tester（RPT）是美国IBM公司的一套自动化的在线遵从性解决方案。该解决方案主要用于测试Web应用访问质量、隐私和无障碍性遵循结果等遵从性问题。 IBM Security AppScan Enterprise 5.6和8.7之前的8.x版本；IBM Rational Policy Tester 5.6和8.5.0.4之前的8.x版本中存在漏洞，该漏洞源于程序创建服务在服务路径中缺少“（双引号）字符。通过Trojan木马程序，本地攻击者利用该漏洞获得权限。与‘U

N/A

N/A