CVE-2014-0936CVE-2014-0936

Affected configuration(s):

cpe:/a:ibm:security_appscan_source:8.0
cpe:/a:ibm:security_appscan_source:8.5
cpe:/a:ibm:security_appscan_source:8.6
cpe:/a:ibm:security_appscan_source:8.7
cpe:/a:ibm:security_appscan_source:8.8
cpe:/a:ibm:security_appscan_source:9.0

Date published: 2014-06-08T19:55:02.367-04:00

Date last modified: 2017-08-28T21:34:21.343-04:00

CVSS Score: 4.3

Principal attack vector: ADJACENT_NETWORK

Complexity:  HIGH

Reference URL: http://www-01.ibm.com/support/docview.wss?uid=swg21674750

Summary: IBM Security AppScan Source 8.0 through 9.0, when the publish-assessment permission is not properly restricted for the configured database server, transmits cleartext assessment data, which allows remote attackers to obtain sensitive information by sniffing the network.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *