// For flags

CVE-2011-1389

 

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server (RLKS) 8.0 through 8.1.2 allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-4135.

Múltiples vulnerabilidades de salto de directorio en el demonio de proveedor de Rational Common Licensing en Telelogic License Server v2.0, Rational License Server v7.x y ibmratl en IBM Rational License Key Server (RLKS) v8.0 hasta v8.1.2 permiten a atacantes remotos ejecutar código de su elección a través de vectores relacionados con las operaciones de guardar, renombrar y carga en los archivos de registro. NOTA: éste problema podría superponerse con el CVE-2011-4135.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2011-03-10 CVE Reserved
  • 2012-01-19 CVE Published
  • 2024-02-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ibm
Search vendor "Ibm"
 Rational License Key Server
Search vendor "Ibm" for product "Rational License Key Server"
 8.0
Search vendor "Ibm" for product "Rational License Key Server" and version "8.0"
-
Affected
Ibm
Search vendor "Ibm"
 Rational License Key Server
Search vendor "Ibm" for product "Rational License Key Server"
 8.1
Search vendor "Ibm" for product "Rational License Key Server" and version "8.1"
-
Affected
Ibm
Search vendor "Ibm"
 Rational License Key Server
Search vendor "Ibm" for product "Rational License Key Server"
 8.1.1
Search vendor "Ibm" for product "Rational License Key Server" and version "8.1.1"
-
Affected
Ibm
Search vendor "Ibm"
 Rational License Key Server
Search vendor "Ibm" for product "Rational License Key Server"
 8.1.2
Search vendor "Ibm" for product "Rational License Key Server" and version "8.1.2"
-
Affected
Ibm
Search vendor "Ibm"
 Rational License Server
Search vendor "Ibm" for product "Rational License Server"
 7.0
Search vendor "Ibm" for product "Rational License Server" and version "7.0"
-
Affected
Ibm
Search vendor "Ibm"
 Rational License Server
Search vendor "Ibm" for product "Rational License Server"
 7.1
Search vendor "Ibm" for product "Rational License Server" and version "7.1"
-
Affected
Ibm
Search vendor "Ibm"
 Rational License Server
Search vendor "Ibm" for product "Rational License Server"
 7.5
Search vendor "Ibm" for product "Rational License Server" and version "7.5"
-
Affected
Ibm
Search vendor "Ibm"
 Telelogic License Server
Search vendor "Ibm" for product "Telelogic License Server"
 2.0
Search vendor "Ibm" for product "Telelogic License Server" and version "2.0"
-
Affected