CVE-2014-0904

high

Description

The update process in IBM Security AppScan Standard 7.9 through 8.8 does not require integrity checks of downloaded files, which allows remote attackers to execute arbitrary code via a crafted file.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/91536

http://www-01.ibm.com/support/docview.wss?uid=swg21666775

Details

Source: Mitre, NVD

Published: 2014-03-26

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H