Vulnerability CVE-2013-0474
Published: 2013-03-29   Modified: 2013-04-01

Description:
The Manual Explore browser plug-in in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to discover test Platform Authentication credentials via a crafted web site.

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
IBM -> Rational policy tester 
IBM -> Security appscan 

 References:
http://xforce.iss.net/xforce/xfdb/81338
http://www-01.ibm.com/support/docview.wss?uid=swg21631304
http://www-01.ibm.com/support/docview.wss?uid=swg21626264
Copyright 2024, cxsecurity.com

 

Back to Top