The Enterprise Console client in IBM Rational AppScan Enterprise 5.x and 8.x prior to 8.5.0.1 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm rational appscan 5.5.0.1 |
||
ibm rational appscan 5.5.0.2 |
||
ibm rational appscan 8.0.0 |
||
ibm rational appscan 8.0.1 |
||
ibm rational appscan 5.5.0 |
||
ibm rational appscan 5.6.0.3 |
||
ibm rational appscan 8.0.1.1 |
||
ibm rational appscan 8.5.0 |
||
ibm rational appscan 5.2 |
||
ibm rational appscan 5.4 |
||
ibm rational appscan 8.0.0.2 |
||
ibm rational appscan 8.0.0.3 |
||
ibm rational appscan 5.6.0 |
||
ibm rational appscan 8.0.0.1 |
||
ibm rational appscan 8.5.0.0 |
Vulmon