AppScan Source
by IBM
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-3033 | Hig | 0.53 | 8.1 | 0.01 | Dec 1, 2016 | IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External… | ||
| CVE-2016-3035 | Med | 0.35 | 5.3 | 0.01 | Feb 1, 2017 | IBM AppScan Source could reveal some sensitive information through the browsing of testlinks on the server. | ||
| CVE-2016-3034 | Med | 0.29 | 4.4 | 0.00 | Feb 1, 2017 | IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily. |
- risk 0.53cvss 8.1epss 0.01
IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External…
- risk 0.35cvss 5.3epss 0.01
IBM AppScan Source could reveal some sensitive information through the browsing of testlinks on the server.
- risk 0.29cvss 4.4epss 0.00
IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily.