Remote Code Execution Vulnerability in IBM Rational AppScan Enterprise
CVE-2009-1056

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Appscan
Vendor: CVE Published:; 24 March 2009

Summary

IBM Rational AppScan Enterprise, prior to version 5.5 FP1, suffers from a vulnerability that allows remote attackers to access sensitive exported reports through unauthorized methods. This flaw could potentially expose confidential information and create security risks for organizations relying on this application for web application security testing. Proper safeguards and updates should be implemented to mitigate this risk.

References

http://secunia.com/advisories/34349

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1021863

vdb-entryx_refsource_SECTRACK

http://osvdb.org/52764

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Mar 24, 2009
Vulnerability Reserved
Mar 24, 2009