CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-0904

The update process in IBM Security AppScan Standard 7.9 through 8.8 does not require integrity checks of downloaded files, which allows remote attackers to execute arbitrary code via a crafted file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.122

EPSS Ranking 93.6%

CVSS Severity

CVSS v2 Score 7.6

References

http://www-01.ibm.com/support/docview.wss?uid=swg21666775
https://exchange.xforce.ibmcloud.com/vulnerabilities/91536
http://www-01.ibm.com/support/docview.wss?uid=swg21666775
https://exchange.xforce.ibmcloud.com/vulnerabilities/91536

Products affected by CVE-2014-0904

Ibm » Security Appscan » Version: 7.9

cpe:2.3:a:ibm:security_appscan:7.9
Ibm » Security Appscan » Version: 8.0

cpe:2.3:a:ibm:security_appscan:8.0
Ibm » Security Appscan » Version: 8.5

cpe:2.3:a:ibm:security_appscan:8.5
Ibm » Security Appscan » Version: 8.6

cpe:2.3:a:ibm:security_appscan:8.6
Ibm » Security Appscan » Version: 8.7

cpe:2.3:a:ibm:security_appscan:8.7
Ibm » Security Appscan » Version: 8.8

cpe:2.3:a:ibm:security_appscan:8.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0904

Products

Pricing

Contact Us