Lucene search
+L
IbmRational Policy Tester

9 matches found

CVE
CVE
added 2013/03/29 10:0 a.m.54 views

CVE-2013-0513

CVE-2013-0513 affects IBM Rational AppScan Enterprise (versions 5.6 and 8.x prior to 8.7) and IBM Rational Policy Tester (5.6 and 8.x prior to 8.5.0.4), plus IBM Rational ClearCase/ClearQuest per IBM advisories. The root cause is an unquoted service path created during installation, enabling a lo...

7.2CVSS8.5AI score0.00334EPSS
CVE
CVE
added 2013/09/09 1:0 a.m.48 views

CVE-2013-4061

This CVE (CVE-2013-4061) affects IBM Rational Policy Tester 8.5 prior to 8.5.0.5. The issue is an authorization check failure on changes to the set of authentication hosts, allowing remote authenticated users to perform spoofing attacks via HTTP redirects. Affected product is Rational Policy Test...

4CVSS6.4AI score0.00884EPSS
CVE
CVE
added 2013/03/29 10:0 a.m.46 views

CVE-2013-0473

CVE-2013-0473 describes multiple cross-site scripting (XSS) vulnerabilities in IBM Security AppScan Enterprise (versions 5.6 and 8.x prior to 8.7) and IBM Rational Policy Tester (versions 5.6 and 8.x prior to 8.5.0.4). The issue allows remote attackers to inject arbitrary web script or HTML via a...

4.3CVSS5.6AI score0.01148EPSS
CVE
CVE
added 2013/03/29 10:0 a.m.45 views

CVE-2013-0512

CVE-2013-0512 describes a stack-based buffer overflow in the Manual Explore browser plug-in for Firefox used by IBM Security AppScan Enterprise (versions 5.6 and 8.x before 8.7) and IBM Rational Policy Tester (versions 5.6 and 8.x before 8.5.0.4). The vulnerability allows remote attackers to caus...

4.3CVSS7AI score0.01112EPSS
CVE
CVE
added 2012/12/28 11:0 a.m.43 views

CVE-2012-0741

IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tester before 8.5.0.3 fail to validate X.509 certificates when using the Manual Explore Proxy feature, enabling man-in-the-middle attackers to spoof SSL servers with an arbitrary certificate. The CVE describes a vulnerability in S...

5.8CVSS6.6AI score0.00593EPSS
CVE
CVE
added 2013/09/09 1:0 a.m.43 views

CVE-2013-4062

Summary (CVE-2013-4062): IBM Rational Policy Tester 8.5 before 8.5.0.5 fails to verify X.509 certificates from SSL servers, enabling potential man-in-the-middle attacks that could spoof Jazz Team servers, and expose or alter client–server data (confidentiality, integrity, and availability). Affec...

6.8CVSS6.1AI score0.00578EPSS
CVE
CVE
added 2013/03/29 10:0 a.m.42 views

CVE-2013-0532

The CVE-2013-0532 entry describes a CSRF vulnerability in IBM Security AppScan Enterprise (versions 5.6 and 8.x prior to 8.7) and IBM Rational Policy Tester (5.6 and 8.x prior to 8.5.0.4) that allows remote attackers to hijack the authentication of arbitrary users for requests that cause a denial...

6.8CVSS7.3AI score0.00633EPSS
CVE
CVE
added 2013/03/29 10:0 a.m.40 views

CVE-2013-0474

CVE-2013-0474 affects the Manual Explore browser plug-in used with IBM Security AppScan Enterprise (versions 5.6 and 8.x prior to 8.7) and IBM Rational Policy Tester (versions 5.6 and 8.x prior to 8.5.0.4). The vulnerability allows remote attackers to disclose test Platform Authentication credent...

4.3CVSS6.6AI score0.01001EPSS
CVE
CVE
added 2012/12/28 11:0 a.m.39 views

CVE-2012-0738

CVE-2012-0738 affects IBM Security AppScan Enterprise (before 8.6.0.2) and Rational Policy Tester (before 8.5.0.3). The issue is that these products do not validate X.509 certificates during scanning, enabling man-in-the-middle attackers to spoof SSL servers via an arbitrary certificate. The NVD ...

5.8CVSS6.5AI score0.00593EPSS