The installation process in IBM Security AppScan Enterprise 8.x prior to 8.6.0.2 iFix 003, 8.7.x prior to 8.7.0.1 iFix 003, 8.8.x prior to 8.8.0.1 iFix 002, and 9.0.x prior to 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm security_appscan |