CVE-2014-4812CVE-2014-4812

Affected configuration(s):

cpe:/a:ibm:security_appscan_source:8.0
cpe:/a:ibm:security_appscan_source:8.0.0.1
cpe:/a:ibm:security_appscan_source:8.0.0.2
cpe:/a:ibm:security_appscan_source:8.5
cpe:/a:ibm:security_appscan_source:8.5.0.1
cpe:/a:ibm:security_appscan_source:8.6
cpe:/a:ibm:security_appscan_source:8.6.0.1
cpe:/a:ibm:security_appscan_source:8.6.0.2
cpe:/a:ibm:security_appscan_source:8.7
cpe:/a:ibm:security_appscan_source:8.7.0.0
cpe:/a:ibm:security_appscan_source:8.7.0.1
cpe:/a:ibm:security_appscan_source:8.8
cpe:/a:ibm:security_appscan_source:9.0
cpe:/a:ibm:security_appscan_source:9.0.0.1
cpe:/a:ibm:security_appscan_source:9.0.1

Date published: 2014-10-26T14:55:05.033-04:00

Date last modified: 2017-08-28T21:35:08.233-04:00

CVSS Score: 1.8

Principal attack vector: ADJACENT_NETWORK

Complexity:  HIGH

Reference URL: http://www-01.ibm.com/support/docview.wss?uid=swg21686844

Summary: The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.