Medium severity5.5NVD Advisory· Published Aug 29, 2014· Updated Jun 17, 2026
CVE-2014-4806
CVE-2014-4806
Description
The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x before 8.7.0.1 iFix 003, 8.8.x before 8.8.0.1 iFix 002, and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file.
Affected products
2- cpe:2.3:a:ibm:security_appscan:*:*:*:*:enterprise:*:*:*Range: >=8.0.0.0,<8.6.0.2
- Range: >=8.0, <8.6.0.2 iFix 003; >=8.7.0, <8.7.0.1 iFix 003; >=8.8.0, <8.8.0.1 iFix 002; >=9.0.0, <9.0.0.1 iFix 001
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/69435nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/95354nvdVDB EntryVendor Advisory
- www-01.ibm.com/support/docview.wssnvdBroken Link
News mentions
0No linked articles in our index yet.