IBM Security AppScan Source Local Privilege Escalation Vulnerability (CVE-2014-3072)
Release date:
Updated on:
Affected Systems:
IBM Security AppScan Source 9.0
IBM Security AppScan Source 8.8
IBM Security AppScan Source 8.7
IBM Security AppScan Source 8.6
IBM Security AppScan Source 8.5
IBM Security AppScan Source 8
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69029
CVE (CAN) ID: CVE-2014-3072
IBM Security AppScan Source can detect and fix vulnerabilities in Web and mobile applications.
The IBM AppScan Source Automation Server has a local privilege escalation vulnerability. Attackers with local network access do not need to perform authentication, this vulnerability affects the confidentiality, data integrity, and confidentiality of system resources.
<* Source: IBM (ncsupp@ca.ibm.com)
Link: http://www-01.ibm.com/support/docview.wss? Uid = swg21680537
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
IBM
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www-933.ibm.com/support/fixcentral/swg/selectFixes? Parent = Security % 2 BSystems & product = ibm/Rational/AppScan + Source + Edition & release = 9.0 & platform = All & function = all
Http://www-933.ibm.com/support/fixcentral/swg/selectFixes? Parent = Security % 2 BSystems & product = ibm/Rational/AppScan + Source + Edition & release = 8.8 & platform = All & function = all
Http://www-933.ibm.com/support/fixcentral/swg/selectFixes? Parent = Security % 2 BSystems & product = ibm/Rational/AppScan + Source + Edition & release = 8.7.0.0 & platform = All & function = all
Http://www-933.ibm.com/support/fixcentral/swg/selectFixes? Parent = Security % 2 BSystems & product = ibm/Rational/AppScan + Source + Edition & release = 8.6.0.2 & platform = All & function = all
Http://www-933.ibm.com/support/fixcentral/swg/selectFixes? Parent = Security % 2 BSystems & product = ibm/Rational/AppScan + Source + Edition & release = 8.5.0.1 & platform = All & function = all
Http://www-933.ibm.com/support/fixcentral/swg/selectFixes? Parent = Security % 2 BSystems & product = ibm/Rational/AppScan + Source + Edition & release = 8.0.0.2 & platform = All & function = all
This article permanently updates the link address: