Sensitive Information Disclosure Vulnerability in IBM AppScan Source
CVE-2016-3035

5.3MEDIUM

Key Information:

Vendor: IBM Corporation
Status: AppScan Source
Vendor: CVE Published:; 1 February 2017

Summary

IBM AppScan Source has a vulnerability that may allow unauthorized exposure of sensitive information by enabling browsing of test links on the server. This could lead to potential security risks if attackers exploit the flaw to access confidential data.

Affected Version(s)

AppScan Source 7.0

AppScan Source 8.0

AppScan Source 8.0.0.1

References

http://www.securityfocus.com/bid/95177

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21987325

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 1, 2017
Vulnerability Reserved
Mar 9, 2016