CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0936

IBM Security AppScan Source 8.0 through 9.0, when the publish-assessment permission is not properly restricted for the configured database server, transmits cleartext assessment data, which allows remote attackers to obtain sensitive information by sniffing the network.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.7%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2014-0936

Ibm » Security Appscan Source » Version: 8.0

cpe:2.3:a:ibm:security_appscan_source:8.0
Ibm » Security Appscan Source » Version: 8.5

cpe:2.3:a:ibm:security_appscan_source:8.5
Ibm » Security Appscan Source » Version: 8.6

cpe:2.3:a:ibm:security_appscan_source:8.6
Ibm » Security Appscan Source » Version: 8.7

cpe:2.3:a:ibm:security_appscan_source:8.7
Ibm » Security Appscan Source » Version: 8.8

cpe:2.3:a:ibm:security_appscan_source:8.8
Ibm » Security Appscan Source » Version: 9.0

cpe:2.3:a:ibm:security_appscan_source:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0936

Products

Pricing

Contact Us