CVE-2014-4812

CWE-200Information Exposure3 documents3 sources
Severity
1.8LOW
EPSS
0.1%
top 70.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Appscan Source
Timeline
PublishedOct 26
Latest updateMay 17

Description

The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port.

CVSS vector

AV:A/AC:H/C:P/I:N/A:NExploitability: 3.2 | Impact: 2.9

Affected Packages1 packages

NVDibm/security_appscan_source15 versions+14

🔴Vulnerability Details

2
GHSA
GHSA-42j2-v49x-mg57: The installer in IBM Security AppScan Source 82022-05-17
CVEList
CVE-2014-4812: The installer in IBM Security AppScan Source 82014-10-26
CVE-2014-4812 (LOW CVSS 1.8) | The installer in IBM Security AppSc | cvebase.io