[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-0731Date: (C)2012-05-03   (M)2023-12-22


IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not prevent service-account impersonation, which allows remote authenticated users to read arbitrary files via unspecified vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: NONE
Availability: NONE
  
Reference:
SECUNIA-48967
SECUNIA-48968
BID-53247
ae-config-info-disclosure(74371)
http://www.ibm.com/support/docview.wss?uid=swg21592188

CPE    15
cpe:/a:ibm:rational_appscan:8.0.1.1::enterprise
cpe:/a:ibm:rational_appscan:5.6.0::enterprise
cpe:/a:ibm:rational_appscan:8.0.0::enterprise
cpe:/a:ibm:rational_appscan:8.0.0.2::enterprise
...
CWE    1
CWE-200

© SecPod Technologies