Security Appscan@9.0.0.1 Security Vulnerabilities and Issues — Security Appscan@9.0.0.1 CVE List

Lucene search

IbmSecurity Appscan9.0.0.1

9 matches found

CVE•added 2016/06/01 3:59 p.m.•40 views

CVE-2016-0288

IBM Security AppScan Standard 8.7.x, 8.8.x, and 9.x before 9.0.3.2 and Security AppScan Enterprise allow remote authenticated users to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) ...

6.5CVSS6.1AI score0.00421EPSS

CVE•added 2017/02/01 8:59 p.m.•40 views

CVE-2016-6042

IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system in t...

9.3CVSS7.4AI score0.00608EPSS

CVE•added 2014/12/23 2:59 a.m.•36 views

CVE-2014-6121

Cross-site scripting (XSS) vulnerability in IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to inject arbitrary web scri...

3.5CVSS5.2AI score0.00188EPSS

CVE•added 2014/12/23 2:59 a.m.•35 views

CVE-2014-6119

IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to execute arbitrary code via a crafted executable file in an archive.

9.3CVSS7.7AI score0.09944EPSS

CVE•added 2014/12/23 2:59 a.m.•35 views

CVE-2014-6122

IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to write to arbitrary folders, and consequently execute arbitrary comman...

5.5CVSS6.9AI score0.01343EPSS

CVE•added 2014/12/23 2:59 a.m.•35 views

CVE-2014-6135

IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

4.3CVSS6.7AI score0.00246EPSS

CVE•added 2015/02/02 1:59 a.m.•31 views

CVE-2014-8918

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8CVSS5.8AI score0.00123EPSS

CVE•added 2015/02/02 1:59 a.m.•29 views

CVE-2014-6136

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

5CVSS6.2AI score0.00225EPSS

CVE•added 2017/08/02 5:29 p.m.•28 views

CVE-2016-9981

IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an attacker to hijack a valid user's session. IBM X-Force ID: 120257

8.1CVSS7.6AI score0.00452EPSS