The ODBC driver in IBM Security AppScan Source 7.x and 8.x prior to 8.6 sends an SHA-1 hash of the connection password during connections to a solidDB database, which allows remote malicious users to obtain sensitive information by sniffing the network.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm security appscan source 8.0.0.1 |
||
ibm security appscan source 8.0.0.2 |
||
ibm security appscan source 8.5 |
||
ibm security appscan source 8.5.0.1 |
||
ibm security appscan source 7.0 |
||
ibm security appscan source 8.0 |