CVE-2014-6120

CWE-77Command Injection3 documents3 sources
Severity
9.8CRITICAL
EPSS
4.0%
top 11.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Rational Appscan SourceIBM Security Appscan Source
Timeline
PublishedApr 12
Latest updateMay 14

Description

IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow remote attackers to execute arbitrary commands on the installation server via unspecified vectors. IBM X-Force ID: 96721.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDibm/rational_appscan_source5 versions+4
NVDibm/security_appscan_source9 versions+8

🔴Vulnerability Details

2
GHSA
GHSA-ccq2-pw4v-mwxx: IBM Rational AppScan Source 82022-05-14
CVEList
CVE-2014-6120: IBM Rational AppScan Source 82018-04-12
CVE-2014-6120 (CRITICAL CVSS 9.8) | IBM Rational AppScan Source 8.0 thr | cvebase.io