Lucene search
HistoryFeb 02, 2015 - 1:59 a.m.
CVE-2014-6136
ibm
security
appscan standard
vulnerability
unencrypted sessions
network sniffing
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
58.6%
IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
Affected configurations
Node
ibmsecurity_appscanMatch8.0.0.0standard
ORibmsecurity_appscanMatch8.0.0.1standard
ORibmsecurity_appscanMatch8.0.0.2standard
ORibmsecurity_appscanMatch8.0.0.3standard
ORibmsecurity_appscanMatch8.5.0.0standard
ORibmsecurity_appscanMatch8.5.0.1standard
ORibmsecurity_appscanMatch8.6.0.0standard
ORibmsecurity_appscanMatch8.6.0.1standard
ORibmsecurity_appscanMatch8.7.0.0standard
ORibmsecurity_appscanMatch8.7.0.1standard
ORibmsecurity_appscanMatch8.8.0.0standard
ORibmsecurity_appscanMatch9.0.0.0standard
ORibmsecurity_appscanMatch9.0.0.1standard
ORibmsecurity_appscanMatch9.0.1.0standard
ORibmsecurity_appscanMatch9.0.1.1standard
Related
prion
prion
Design/Logic Flaw
2015-02-02 01:59:00
cvelist
cvelist
CVE-2014-6136
2015-02-02 01:00:00
nvd
nvd
CVE-2014-6136
2015-02-02 01:59:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
58.6%
Related for CVE-2014-6136