6.4 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
47.3%
IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz authentication is enabled, allows man-in-the-middle attackers to obtain sensitive information or modify data by leveraging an improperly protected URL to obtain a session token.
www-01.ibm.com/support/docview.wss?uid=swg21655578
exchange.xforce.ibmcloud.com/vulnerabilities/88190