Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SSL implementation in IBM Security AppScan Enterprise before 8.7.0.1 enables cipher suites with weak encryption algorithms, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security AppScan Enterprise Weak Cipher 安全绕过漏洞
Vulnerability Description
IBM Security AppScan Enterprise(前称IBM Rational AppScan Enterprise)是美国IBM公司的一套Web应用安全测试解决方案。该方案支持同时扫描多个Web应用、生成漏洞报告以及智能化修补等。 IBM Security AppScan Enterprise 5.6至8.7版本服务器支持的SSL密码套件中存在安全漏洞,密码套件使用弱加密算法。远程攻击者可通过嗅探网络利用该漏洞获得敏感信息,或在客户端实施中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A