IBM Security AppScan Source CVE-2014-3072 Local Privilege Escalation Vulnerability

Bugtraq ID:	69029
Class:	Design Error
CVE:	CVE-2014-3072
Remote:	No
Local:	Yes
Published:	Jul 30 2014 12:00AM
Updated:	Jul 30 2014 12:00AM
Credit:	IBM
Vulnerable:	IBM Security AppScan Source 9.0 IBM Security AppScan Source 8.8 IBM Security AppScan Source 8.7 IBM Security AppScan Source 8.6 IBM Security AppScan Source 8.5 IBM Security AppScan Source 8.0
Not Vulnerable:

IBM Security AppScan Source CVE-2014-3072 Local Privilege Escalation Vulnerability

IBM Security AppScan Source is prone to a local privilege-escalation vulnerability.

Exploiting this issue allows local attackers to gain elevated privileges.

IBM Security AppScan Source CVE-2014-3072 Local Privilege Escalation Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

IBM Security AppScan Source CVE-2014-3072 Local Privilege Escalation Vulnerability

References:

• IBM Security AppScan Source Homepage (IBM)
  
• Security Bulletin: Multiple vulnerabilities in IBM Security AppScan Source (CVE- (IBM)