Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 5.5
CVE Id: CVE-2014-6122
Last Modified: 23 Dec 2014 05:08:53
Published: 22 Dec 2014 09:59:02
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE_INSTANCE

CVE-2014-6122

Summary

IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to write to arbitrary folders, and consequently execute arbitrary commands, via a modified argument.

Vulnerable Systems

Application

  • IBM Security AppScan 8.5
  • IBM Security AppScan 8.6
  • IBM Security AppScan 8.7
  • IBM Security AppScan 8.8
  • IBM Security AppScan 9.0
  • IBM Security AppScan 9.0.0.1
  • IBM Security AppScan Source 9.0.1


References

XF - ibm-appscan-cve20146122-sec-bypass(96723)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21693035


Last Updated: 27 May 2016 11:07:20