PT-2014-7055 · Ibm · Ibm Rational Appscan Source+1
Published
2014-12-29
·
Updated
2017-09-08
·
CVE-2014-6123
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Rational AppScan Source versions 8.0 through 8.0.0.2
IBM Rational AppScan Source versions 8.5 through 8.5.0.1
IBM Security AppScan Source versions 8.6 through 8.6.0.2
IBM Security AppScan Source versions 8.7 through 8.7.0.1
IBM Security AppScan Source version 8.8
IBM Security AppScan Source versions 9.0 through 9.0.0.1
IBM Security AppScan Source version 9.0.1
Description
The issue allows local users to obtain sensitive credential information by reading installation logs.
Recommendations
For IBM Rational AppScan Source versions 8.0 through 8.0.0.2, update to a version outside of this range to resolve the issue.
For IBM Rational AppScan Source versions 8.5 through 8.5.0.1, update to a version outside of this range to resolve the issue.
For IBM Security AppScan Source versions 8.6 through 8.6.0.2, update to a version outside of this range to resolve the issue.
For IBM Security AppScan Source versions 8.7 through 8.7.0.1, update to a version outside of this range to resolve the issue.
For IBM Security AppScan Source version 8.8, update to a version outside of this range to resolve the issue.
For IBM Security AppScan Source versions 9.0 through 9.0.0.1, update to a version outside of this range to resolve the issue.
For IBM Security AppScan Source version 9.0.1, update to a version outside of this range to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Rational Appscan Source
Ibm Security Appscan Source