Vulnerabilities > IBM > Security Appscan Source > 8.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-26 | CVE-2014-4812 | Information Exposure vulnerability in IBM Security Appscan Source The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port. | 1.8 |
2014-08-12 | CVE-2014-3072 | Local Privilege Escalation vulnerability in IBM Security AppScan Source Unspecified vulnerability in the Automation Server in IBM Security AppScan Source 8 through 8.0.0.2, 8.5 through 8.5.0.1, 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, and 9.0 through 9.0.0.1 allows local users to gain privileges by executing a crafted service. | 7.2 |
2014-06-08 | CVE-2014-0936 | Permissions, Privileges, and Access Controls vulnerability in IBM Security Appscan Source IBM Security AppScan Source 8.0 through 9.0, when the publish-assessment permission is not properly restricted for the configured database server, transmits cleartext assessment data, which allows remote attackers to obtain sensitive information by sniffing the network. | 4.3 |