CVE-2014-6136

CWE-3103 documents3 sources
Severity
5.0MEDIUM
EPSS
0.2%
top 54.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Appscan
Timeline
PublishedFeb 2
Latest updateMay 17

Description

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/security_appscan15 versions+14

🔴Vulnerability Details

2
GHSA
GHSA-96j7-hp6f-9w4x: IBM Security AppScan Standard 82022-05-17
CVEList
CVE-2014-6136: IBM Security AppScan Standard 82015-02-02
CVE-2014-6136 (MEDIUM CVSS 5) | IBM Security AppScan Standard 8.x a | cvebase.io