PT-2018-4281 · Ibm · Ibm Rational Appscan Source+1
Publicado
2018-04-12
·
Atualizado
2018-05-11
·
CVE-2014-6120
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM Rational AppScan Source versions 8.0 through 8.0.0.2
IBM Rational AppScan Source versions 8.5 through 8.5.0.1
IBM Security AppScan Source versions 8.6 through 8.6.0.2
IBM Security AppScan Source versions 8.7 through 8.7.0.1
IBM Security AppScan Source version 8.8
IBM Security AppScan Source versions 9.0 through 9.0.0.1
IBM Security AppScan Source version 9.0.1
Description
The issue allows remote attackers to execute arbitrary commands on the installation server via unspecified vectors.
Recommendations
For IBM Rational AppScan Source versions 8.0 through 8.0.0.2, update to a version outside of this range.
For IBM Rational AppScan Source versions 8.5 through 8.5.0.1, update to a version outside of this range.
For IBM Security AppScan Source versions 8.6 through 8.6.0.2, update to a version outside of this range.
For IBM Security AppScan Source versions 8.7 through 8.7.0.1, update to a version outside of this range.
For IBM Security AppScan Source version 8.8, update to a version outside of this range.
For IBM Security AppScan Source versions 9.0 through 9.0.0.1, update to a version outside of this range.
For IBM Security AppScan Source version 9.0.1, update to a version outside of this range.
Correção
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Rational Appscan Source
Ibm Security Appscan Source