Lucene search

[email protected]CVE-2014-6123

HistoryDec 29, 2014 - 2:59 a.m.

CVE-2014-6123

2014-12-2902:59:00

CWE-200

[email protected]

web.nvd.nist.gov

ibm

rational appscan

source

security

credential

information

installation logs

vulnerability

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading installation logs.

Affected configurations

NVD

Node

ibmrational_appscan_sourceMatch8.0.0.0

ibmrational_appscan_sourceMatch8.0.0.1

ibmrational_appscan_sourceMatch8.0.0.2

ibmrational_appscan_sourceMatch8.5.0.0

ibmrational_appscan_sourceMatch8.5.0.1

Node

ibmsecurity_appscan_sourceMatch8.6.0.0

ibmsecurity_appscan_sourceMatch8.6.0.1

ibmsecurity_appscan_sourceMatch8.6.0.2

ibmsecurity_appscan_sourceMatch8.7.0.0

ibmsecurity_appscan_sourceMatch8.7.0.1

ibmsecurity_appscan_sourceMatch8.8

ibmsecurity_appscan_sourceMatch9.0

ibmsecurity_appscan_sourceMatch9.0.0.0

ibmsecurity_appscan_sourceMatch9.0.1

CPENameOperatorVersion
ibm:rational_appscan_sourceibm rational appscan sourceeq8.0.0.0
ibm:rational_appscan_sourceibm rational appscan sourceeq8.0.0.1
ibm:rational_appscan_sourceibm rational appscan sourceeq8.0.0.2
ibm:rational_appscan_sourceibm rational appscan sourceeq8.5.0.0
ibm:rational_appscan_sourceibm rational appscan sourceeq8.5.0.1

CPE	Name	Operator	Version
ibm:rational_appscan_source	ibm rational appscan source	eq	8.0.0.0
ibm:rational_appscan_source	ibm rational appscan source	eq	8.0.0.1
ibm:rational_appscan_source	ibm rational appscan source	eq	8.0.0.2
ibm:rational_appscan_source	ibm rational appscan source	eq	8.5.0.0
ibm:rational_appscan_source	ibm rational appscan source	eq	8.5.0.1

References

www-01.ibm.com/support/docview.wss?uid=swg21692999

exchange.xforce.ibmcloud.com/vulnerabilities/96724

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2014-6123

cvelist1 prion1 nvd1