Vulnerability Details CVE-2014-6136
IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.2%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2014-6136
- cpe:2.3:a:ibm:security_appscan:8.0.0.0
- cpe:2.3:a:ibm:security_appscan:8.0.0.1
- cpe:2.3:a:ibm:security_appscan:8.0.0.2
- cpe:2.3:a:ibm:security_appscan:8.0.0.3
- cpe:2.3:a:ibm:security_appscan:8.5.0.0
- cpe:2.3:a:ibm:security_appscan:8.5.0.1
- cpe:2.3:a:ibm:security_appscan:8.6.0.0
- cpe:2.3:a:ibm:security_appscan:8.6.0.1
- cpe:2.3:a:ibm:security_appscan:8.7.0.0
- cpe:2.3:a:ibm:security_appscan:8.7.0.1
- cpe:2.3:a:ibm:security_appscan:8.8.0.0
- cpe:2.3:a:ibm:security_appscan:9.0.0.0
- cpe:2.3:a:ibm:security_appscan:9.0.0.1
- cpe:2.3:a:ibm:security_appscan:9.0.1.0
- cpe:2.3:a:ibm:security_appscan:9.0.1.1