Security Appscan@8.7.0.1 Security Vulnerabilities and Issues — Security Appscan@8.7.0.1 CVE List

Lucene search

IbmSecurity Appscan8.7.0.1

4 matches found

CVE•added 2013/11/13 3:55 p.m.•31 views

CVE-2013-5450

IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz authentication is enabled, allows man-in-the-middle attackers to obtain sensitive information or modify data by leveraging an improperly protected URL to obtain a session token.

4CVSS6.2AI score0.00198EPSS

CVE•added 2013/10/28 3:42 a.m.•30 views

CVE-2013-5430

The Jazz Team Server component in IBM Security AppScan Enterprise 8.x before 8.8 has a default username and password, which makes it easier for remote authenticated users to obtain unspecified access to this component by leveraging this credential information in an environment with applicable compo...

5.5CVSS5.8AI score0.00154EPSS

CVE•added 2013/10/25 8:55 p.m.•28 views

CVE-2013-3989

IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext AppScan Source database password in a response, which allows remote authenticated users to obtain sensitive information, and subsequently conduct man-in-the-middle attacks, by examining the response content.

3.5CVSS6.1AI score0.00158EPSS

CVE•added 2013/11/13 3:55 p.m.•28 views

CVE-2013-5453

IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted.

3.5CVSS6.3AI score0.00158EPSS