CVE-2014-8918

Name of the Vulnerable Software and Affected Versions IBM Security AppScan Standard versions 8.x through 9.x before 9.0.1.1 FP1

Description The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted X.509 certificate, as the software does not properly verify these certificates from SSL servers.

Recommendations For versions 8.x through 9.x before 9.0.1.1 FP1, update to version 9.0.1.1 FP1 or later to resolve the issue.