Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x before 8.7.0.1 iFix 003, 8.8.x before 8.8.0.1 iFix 002, and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security AppScan Enterprise 加密问题漏洞
Vulnerability Description
IBM Security AppScan Enterprise(前称IBM Rational AppScan Enterprise)是美国IBM公司的一套Web应用安全测试解决方案。该方案支持同时扫描多个Web应用、生成漏洞报告以及智能化修补等。 基于Linux平台的IBM Security AppScan Enterprise中的安装进程中存在安全漏洞,该漏洞源于程序在临时文件中存放明文密码。本地攻击者可通过读取该临时文件利用该漏洞获取敏感信息。以下版本受到影响:IBM Security AppScan
CVSS Information
N/A
Vulnerability Type
N/A