Medium severity5.5NVD Advisory· Published Aug 29, 2014· Updated May 6, 2026

CVE-2014-4806

Description

The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x before 8.7.0.1 iFix 003, 8.8.x before 8.8.0.1 iFix 002, and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file.

Affected products

IBM/Security Appscan
cpe:2.3:a:ibm:security_appscan:*:*:*:*:enterprise:*:*:*
Range: >=8.0.0.0,<8.6.0.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/69435nvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/95354nvdVDB EntryVendor Advisory
www-01.ibm.com/support/docview.wssnvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000