CVE-2016-3034

Summary

IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationAppScan Source7.0affected
IBM CorporationAppScan Source8.0affected
IBM CorporationAppScan Source8.0.0.1affected
IBM CorporationAppScan Source8.0.0.2affected
IBM CorporationAppScan Source8.5affected
IBM CorporationAppScan Source8.5.0.1affected
IBM CorporationAppScan Source8.6affected
IBM CorporationAppScan Source8.7affected
IBM CorporationAppScan Source8.8affected
IBM CorporationAppScan Source9.0affected
IBM CorporationAppScan Source9.0.1affected
IBM CorporationAppScan Source8.6.0.2affected
IBM CorporationAppScan Source8.6.0.1affected
IBM CorporationAppScan Source8.7.0.1affected
IBM CorporationAppScan Source9.0.0.1affected
IBM CorporationAppScan Source9.0.2affected
IBM CorporationAppScan Source9.0.3.2affected
IBM CorporationAppScan Source9.0.3affected
IBM CorporationAppScan Source9.0.3.1affected
IBM CorporationAppScan Source9.0.3.3affected
IBM CorporationAppScan Source9.0.3.4affected
IBM CorporationAppScan Source9.0.3.5affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References