CVE-2013-0531

2013-09-0816:55:06

CWE-310

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

0.002

Percentile

52.3%

JSON

The SSL implementation in IBM Security AppScan Enterprise before 8.7.0.1 enables cipher suites with weak encryption algorithms, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.

Affected configurations

Nvd

Node

ibmsecurity_appscanRange≤8.7.0.0-enterprise

ibmsecurity_appscanMatch5.6.0.0-enterprise

ibmsecurity_appscanMatch6.0.0.0-enterprise

ibmsecurity_appscanMatch6.0.1.0-enterprise

ibmsecurity_appscanMatch6.0.2.0-enterprise

ibmsecurity_appscanMatch6.1.1.0-enterprise

ibmsecurity_appscanMatch8.0.0.0-enterprise

ibmsecurity_appscanMatch8.0.0.1-enterprise

ibmsecurity_appscanMatch8.0.0.2-enterprise

ibmsecurity_appscanMatch8.0.1.0-enterprise

ibmsecurity_appscanMatch8.0.1.1-enterprise

ibmsecurity_appscanMatch8.0.11-enterprise

ibmsecurity_appscanMatch8.5.0.0-enterprise

ibmsecurity_appscanMatch8.5.0.1-enterprise

ibmsecurity_appscanMatch8.6.0.0-enterprise

ibmsecurity_appscanMatch8.6.0.1-enterprise

ibmsecurity_appscanMatch8.6.0.2-enterprise

VendorProductVersionCPE
ibmsecurity_appscan*cpe:2.3:a:ibm:security_appscan:*:-:enterprise:*:*:*:*:*
ibmsecurity_appscan5.6.0.0cpe:2.3:a:ibm:security_appscan:5.6.0.0:-:enterprise:*:*:*:*:*
ibmsecurity_appscan6.0.0.0cpe:2.3:a:ibm:security_appscan:6.0.0.0:-:enterprise:*:*:*:*:*
ibmsecurity_appscan6.0.1.0cpe:2.3:a:ibm:security_appscan:6.0.1.0:-:enterprise:*:*:*:*:*
ibmsecurity_appscan6.0.2.0cpe:2.3:a:ibm:security_appscan:6.0.2.0:-:enterprise:*:*:*:*:*
ibmsecurity_appscan6.1.1.0cpe:2.3:a:ibm:security_appscan:6.1.1.0:-:enterprise:*:*:*:*:*
ibmsecurity_appscan8.0.0.0cpe:2.3:a:ibm:security_appscan:8.0.0.0:-:enterprise:*:*:*:*:*
ibmsecurity_appscan8.0.0.1cpe:2.3:a:ibm:security_appscan:8.0.0.1:-:enterprise:*:*:*:*:*
ibmsecurity_appscan8.0.0.2cpe:2.3:a:ibm:security_appscan:8.0.0.2:-:enterprise:*:*:*:*:*
ibmsecurity_appscan8.0.1.0cpe:2.3:a:ibm:security_appscan:8.0.1.0:-:enterprise:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	security_appscan	*	cpe:2.3:a:ibm:security_appscan::-:enterprise:::::
ibm	security_appscan	5.6.0.0	cpe:2.3:a:ibm:security_appscan:5.6.0.0:-:enterprise:::::*
ibm	security_appscan	6.0.0.0	cpe:2.3:a:ibm:security_appscan:6.0.0.0:-:enterprise:::::*
ibm	security_appscan	6.0.1.0	cpe:2.3:a:ibm:security_appscan:6.0.1.0:-:enterprise:::::*
ibm	security_appscan	6.0.2.0	cpe:2.3:a:ibm:security_appscan:6.0.2.0:-:enterprise:::::*
ibm	security_appscan	6.1.1.0	cpe:2.3:a:ibm:security_appscan:6.1.1.0:-:enterprise:::::*
ibm	security_appscan	8.0.0.0	cpe:2.3:a:ibm:security_appscan:8.0.0.0:-:enterprise:::::*
ibm	security_appscan	8.0.0.1	cpe:2.3:a:ibm:security_appscan:8.0.0.1:-:enterprise:::::*
ibm	security_appscan	8.0.0.2	cpe:2.3:a:ibm:security_appscan:8.0.0.2:-:enterprise:::::*
ibm	security_appscan	8.0.1.0	cpe:2.3:a:ibm:security_appscan:8.0.1.0:-:enterprise:::::*