Ibm Security Appscan Source — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Appscan Source, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2014-6120 — CVSS 9.8 (critical): IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through…
CVE-2014-6119 — CVSS 9.3 (critical): IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0…
CVE-2014-3072 — CVSS 7.2 (high): Unspecified vulnerability in the Automation Server in IBM Security AppScan Source 8 through 8.0.0.2, 8.5 through 8.5.0.1, 8.6 through…
CVE-2012-2159 — CVSS 5.8 (medium): Open redirect vulnerability in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS…
CVE-2014-6122 — CVSS 5.5 (medium): IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0…
CVE-2016-3035 — CVSS 5.3 (medium): IBM AppScan Source could reveal some sensitive information through the browsing of testlinks on the server.
CVE-2012-2173 — CVSS 5.0 (medium): The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 sends an SHA-1 hash of the connection password during connections to…
CVE-2016-3034 — CVSS 4.4 (medium): IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt…
CVE-2014-0936 — CVSS 4.3 (medium): IBM Security AppScan Source 8.0 through 9.0, when the publish-assessment permission is not properly restricted for the configured database…
CVE-2012-2161 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x…
CVE-2014-6135 — CVSS 4.3 (medium): IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0…
CVE-2014-6121 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before…
CVE-2014-6123 — CVSS 2.1 (low): IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through…
CVE-2014-4812 — CVSS 1.8 (low): The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote…