CVE-2014-6123

CWE-200 — Information Exposure3 documents3 sources

Severity

2.1LOW

EPSS

0.1%

top 84.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Rational Appscan Source IBM Security Appscan Source

Timeline

PublishedDec 29

Latest updateMay 17

Description

IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading installation logs.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/rational_appscan_source5 versions+4

▶NVDibm/security_appscan_source9 versions+8

🔴Vulnerability Details

GHSA

GHSA-9ghc-vf2q-c3mf: IBM Rational AppScan Source 8↗2022-05-17

▶

CVEList

CVE-2014-6123: IBM Rational AppScan Source 8↗2014-12-29

▶