1.8
CVE-2014-4812
- EPSS 0.11%
- Veröffentlicht 26.10.2014 18:55:05
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginThe installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Security Appscan Source Version8.0
Ibm ≫ Security Appscan Source Version8.0.0.1
Ibm ≫ Security Appscan Source Version8.0.0.2
Ibm ≫ Security Appscan Source Version8.5
Ibm ≫ Security Appscan Source Version8.5.0.1
Ibm ≫ Security Appscan Source Version8.6
Ibm ≫ Security Appscan Source Version8.6.0.1
Ibm ≫ Security Appscan Source Version8.6.0.2
Ibm ≫ Security Appscan Source Version8.7
Ibm ≫ Security Appscan Source Version8.7.0.0
Ibm ≫ Security Appscan Source Version8.7.0.1
Ibm ≫ Security Appscan Source Version8.8
Ibm ≫ Security Appscan Source Version9.0
Ibm ≫ Security Appscan Source Version9.0.0.1
Ibm ≫ Security Appscan Source Version9.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.263 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.8 | 3.2 | 2.9 |
AV:A/AC:H/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.