CVE-2013-0517
https://notcve.org/view.php?id=CVE-2013-0517
A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code. Se presenta una Vulnerabilidad de Ejecución de Comandos en IBM Sterling External Authentication Server versiones 2.2.0, 2.3.01, 2.4.0 y 2.4.1, por medio de un comando de Sistema Operativo no especificado, que podría permitir a un usuario malicioso local ejecutar código arbitrario. • http://www.securityfocus.com/bid/59807 https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-addressed-in-ibm-sterling-external-authentication-server-cve-2013-0514-cve-2013-0517-4 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •