Information Disclosure Vulnerability in IBM Security AppScan Enterprise
CVE-2013-3989
Currently unrated
Summary
IBM Security AppScan Enterprise versions prior to 8.8 inadvertently expose sensitive information by sending the database password in cleartext within responses. A remote authenticated user can capture the password from those responses, which can lead to further security breaches, including man-in-the-middle attacks. The issue highlights the importance of secure password handling and the consequences of information leaks in application security.