Security Appscan@8.8.0.0 Security Vulnerabilities and Issues — Security Appscan@8.8.0.0 CVE List

Lucene search

IbmSecurity Appscan8.8.0.0

4 matches found

CVE•added 2016/06/01 3:59 p.m.•40 views

CVE-2016-0288

IBM Security AppScan Standard 8.7.x, 8.8.x, and 9.x before 9.0.3.2 and Security AppScan Enterprise allow remote authenticated users to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) ...

6.5CVSS6.1AI score0.00421EPSS

CVE•added 2015/02/02 1:59 a.m.•31 views

CVE-2014-8918

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8CVSS5.8AI score0.00123EPSS

CVE•added 2015/02/02 1:59 a.m.•29 views

CVE-2014-6136

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

5CVSS6.2AI score0.00225EPSS

CVE•added 2018/04/16 6:29 p.m.•29 views

CVE-2015-1952

Cross-site scripting (XSS) vulnerability in IBM AppScan Enterprise Edition 9.0.x before 9.0.2 iFix 001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 103416.

5.4CVSS5AI score0.00129EPSS