Information Disclosure Vulnerability in IBM Security AppScan Standard
CVE-2014-6136

Currently unrated

Key Information:

Vendor: IBM
Status: Security Appscan
Vendor: CVE Published:; 2 February 2015

Summary

IBM Security AppScan Standard versions 8.x and 9.x, prior to 9.0.1.1 FP1, allow unencrypted sessions, which could be exploited by remote attackers. This vulnerability enables attackers to intercept network traffic and gain access to sensitive information. Proper session encryption is critical to secure communications and protect against data leakage.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21695170

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/96816

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 2, 2015
Vulnerability Reserved
Sep 2, 2014