Security Appscan Source@9.0.1 Security Vulnerabilities and Issues — Security Appscan Source@9.0.1 CVE List

Lucene search

IbmSecurity Appscan Source9.0.1

9 matches found

CVE•added 2014/12/29 2:59 a.m.•42 views

CVE-2014-6123

IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading installation logs.

2.1CVSS5.9AI score0.0005EPSS

CVE•added 2017/02/01 8:59 p.m.•38 views

CVE-2016-3034

IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily.

4.4CVSS4.4AI score0.00024EPSS

CVE•added 2018/04/12 9:29 p.m.•37 views

CVE-2014-6120

IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow remote attackers to execute arbitrary commands on the installation server via unspecified vectors. IBM X-Force ID: ...

10CVSS9.2AI score0.0419EPSS

CVE•added 2014/12/23 2:59 a.m.•36 views

CVE-2014-6121

Cross-site scripting (XSS) vulnerability in IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to inject arbitrary web scri...

3.5CVSS5.2AI score0.00188EPSS

CVE•added 2014/12/23 2:59 a.m.•35 views

CVE-2014-6119

IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to execute arbitrary code via a crafted executable file in an archive.

9.3CVSS7.7AI score0.09944EPSS

CVE•added 2014/12/23 2:59 a.m.•35 views

CVE-2014-6122

IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to write to arbitrary folders, and consequently execute arbitrary comman...

5.5CVSS6.9AI score0.01343EPSS

CVE•added 2014/12/23 2:59 a.m.•35 views

CVE-2014-6135

IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

4.3CVSS6.7AI score0.00246EPSS

CVE•added 2014/10/26 6:55 p.m.•31 views

CVE-2014-4812

The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port.

1.8CVSS6.2AI score0.0011EPSS

CVE•added 2017/02/01 8:59 p.m.•30 views

CVE-2016-3035

IBM AppScan Source could reveal some sensitive information through the browsing of testlinks on the server.

5.3CVSS5.1AI score0.00187EPSS