PT-2021-12166 · Ibm · Ibm Spss Modeler Subscription Installer

Ido Hoorvitch

Published

2021-03-10

Updated

2022-05-03

CVE-2020-4717

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/UI:N/I:H/A:N/PR:N/S:U/C:N

Name of the Vulnerable Software and Affected Versions IBM SPSS Modeler Subscription Installer (affected versions not specified)

Description A vulnerability exists in the IBM SPSS Modeler Subscription Installer, allowing a user with create symbolic link permission to write arbitrary files in another protected path during product installation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

CVE-2020-4717

Affected Products

Ibm Spss Modeler Subscription Installer

PT-2021-12166 · Ibm · Ibm Spss Modeler Subscription Installer

CVE-2020-4717

Weakness Enumeration

Related Identifiers

Affected Products

References · 5