Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext AppScan Source database password in a response, which allows remote authenticated users to obtain sensitive information, and subsequently conduct man-in-the-middle attacks, by examining the response content.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security AppScan Enterprise 安全漏洞
Vulnerability Description
IBM Security AppScan Enterprise(前称IBM Rational AppScan Enterprise)是美国IBM公司的一套Web应用安全测试解决方案。该方案支持同时扫描多个Web应用、生成漏洞报告以及智能化修补等。 IBM Security AppScan Enterprise 8.8之前的8.x版本中存在安全漏洞,该漏洞源于程序在响应中以明文方式发送AppScan Source数据库密码。远程经过授权的攻击者可通过检查响应中的内容利用该漏洞获取敏感信息,实施中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A