Weak Permissions for Python Scripts in IBM SPSS Statistics 22.0.0.2 and 23.0.0.2

Weak Permissions for Python Scripts in IBM SPSS Statistics 22.0.0.2 and 23.0.0.2

CVE-2015-7489 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script.

Learn more about our User Device Pen Test.