PT-2014-6132 · Ibm · Ibm Security Appscan Source

Published

2014-10-26

Updated

2017-08-29

CVE-2014-4812

CVSS v2.0

1.8

Low

Vector

AV:A/AC:H/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Security AppScan Source versions 8.x through 9.0.1

Description The issue concerns an open network port for a debug service in the installer, which can be exploited by remote attackers to obtain sensitive information by connecting to this port.

Recommendations For IBM Security AppScan Source versions 8.x through 9.0.1, consider disabling the debug service to prevent unauthorized access until a patch is available. Restrict access to the affected network port to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2014-4812

Affected Products

Ibm Security Appscan Source

PT-2014-6132 · Ibm · Ibm Security Appscan Source

CVE-2014-4812

Weakness Enumeration

Related Identifiers

Affected Products

References · 3