CVE-2013-3989

CWE-310 | 3 documents | 3 sources
Severity: 3.5 LOW
EPSS: 0.2% (top 63.35%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Oct 25
Latest update: May 17

Description

IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext AppScan Source database password in a response, which allows remote authenticated users to obtain sensitive information, and subsequently conduct man-in-the-middle attacks, by examining the response content.

CVSS vector

AV:N/AC:M/C:P/I:N/A:N
Exploitability: 6.8 | Impact: 2.9

Affected Packages (1 package)

NVD: ibm/security_appscan (13 versions)

Vulnerability Details (2)

GHSA: GHSA-2mfx-wqj9-m26w: IBM Security AppScan Enterprise 8 (2022-05-17)
CVEList: CVE-2013-3989: IBM Security AppScan Enterprise 8 (2013-10-25)
CVE-2013-3989 (LOW CVSS 3.5) | IBM Security AppScan Enterprise 8.x | cvebase.io