CVE-2014-8918

Currently unrated

Key Information:

Vendor: IBM
Status: Security Appscan
Vendor: CVE Published:; 2 February 2015

Summary

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/99304

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21695170

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 2, 2015
Vulnerability Reserved
Nov 14, 2014