VYPR
Medium severity5.5NVD Advisory· Published Aug 29, 2014· Updated Jun 17, 2026

CVE-2014-4806

CVE-2014-4806

Description

The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x before 8.7.0.1 iFix 003, 8.8.x before 8.8.0.1 iFix 002, and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file.

Affected products

2
  • cpe:2.3:a:ibm:security_appscan:*:*:*:*:enterprise:*:*:*
    Range: >=8.0.0.0,<8.6.0.2
  • Range: >=8.0, <8.6.0.2 iFix 003; >=8.7.0, <8.7.0.1 iFix 003; >=8.8.0, <8.8.0.1 iFix 002; >=9.0.0, <9.0.0.1 iFix 001

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.