Vulnerabilities > IBM > Security Appscan Source
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-12 | CVE-2014-6120 | Command Injection vulnerability in IBM Rational Appscan Source and Security Appscan Source IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow remote attackers to execute arbitrary commands on the installation server via unspecified vectors. | 9.8 |
| 2017-02-01 | CVE-2016-3035 | Information Exposure vulnerability in IBM Security Appscan Source 9.0.1/9.0.2/9.0.3 IBM AppScan Source could reveal some sensitive information through the browsing of testlinks on the server. | 5.3 |
| 2017-02-01 | CVE-2016-3034 | Inadequate Encryption Strength vulnerability in IBM Security Appscan Source 9.0.1/9.0.2/9.0.3 IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily. | 4.4 |