2.1

CVE-2014-6123

EPSS 0.05%
Veröffentlicht 29.12.2014 02:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@us.ibm.com
CVE-Watchlists
Login
Unerledigt
Login

IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading installation logs.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Rational Appscan Source Version8.0.0.0

Ibm ≫ Rational Appscan Source Version8.0.0.1

Ibm ≫ Rational Appscan Source Version8.0.0.2

Ibm ≫ Rational Appscan Source Version8.5.0.0

Ibm ≫ Rational Appscan Source Version8.5.0.1

Ibm ≫ Security Appscan Source Version8.6.0.0

Ibm ≫ Security Appscan Source Version8.6.0.1

Ibm ≫ Security Appscan Source Version8.6.0.2

Ibm ≫ Security Appscan Source Version8.7.0.0

Ibm ≫ Security Appscan Source Version8.7.0.1

Ibm ≫ Security Appscan Source Version8.8

Ibm ≫ Security Appscan Source Version9.0

Ibm ≫ Security Appscan Source Version9.0.0.0

Ibm ≫ Security Appscan Source Version9.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.125

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www-01.ibm.com/support/docview.wss?uid=swg21692999

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/96724

https://nvd.nist.gov/vuln/detail/CVE-2014-6123

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-6123

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-6123

EUVD