CVE-2012-0732

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Appscan
Vendor: CVE Published:; 3 May 2012

Summary

The Enterprise Console client in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

References

http://secunia.com/advisories/48967

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/74389

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg21592188

x_refsource_CONFIRM

Timeline

Vulnerability published
May 3, 2012
Vulnerability Reserved
Jan 17, 2012