CVE-2014-4806

Loading...

General

Score:2.1/10.0
Severity:Low
Category:Cryptography Error

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Local
Access Complexity:Low
Authentication:None

Published on 29/08/14 - Updated on 29/08/17

Description

The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x before 8.7.0.1 iFix 003, 8.8.x before 8.8.0.1 iFix 002, and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file.

Category: Cryptography Error

CWE-310 (Cryptographic Issues)
Weaknesses in this category are related to the use of cryptography.

Security Notices

US National Vulnerability DatabaseCVE-2014-4806

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
ibmsecurity_appscan

Share this vulnerability with:

Twitter Facebook LinkedIn Mail