Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6136

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-6136
Last Modified 02 Feb 2015 05:41:48
Published 01 Feb 2015 08:59:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-6136

Summary

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

Vulnerable Systems

Application

  • Ibm Security Appscan 8.0.0.0

  • Ibm Security Appscan 8.0.0.1

  • Ibm Security Appscan 8.0.0.2

  • Ibm Security Appscan 8.0.0.3

  • Ibm Security Appscan 8.5.0.0

  • Ibm Security Appscan 8.5.0.1

  • Ibm Security Appscan 8.6.0.0

  • Ibm Security Appscan 8.6.0.1

  • Ibm Security Appscan 8.7.0.0

  • Ibm Security Appscan 8.7.0.1

  • Ibm Security Appscan 8.8.0.0

  • Ibm Security Appscan 9.0.0.0

  • Ibm Security Appscan 9.0.0.1

  • Ibm Security Appscan 9.0.1.0

  • Ibm Security Appscan 9.0.1.1


References

XF - ibm-appscan-cve20146136-info-disc(96816)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21695170


Last Updated: 27 May 2016 11:07:40