CVE-2014-4806 Information

Description

The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003 8.7.x before 8.7.0.1 iFix 003 8.8.x before 8.8.0.1 iFix 002 and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file which allows local users to obtain sensitive information by reading this file.

Reference

http://www.securityfocus.com/bid/69435 http://www-01.ibm.com/support/docview.wss?uid=swg21682642 https://exchange.xforce.ibmcloud.com/vulnerabilities/95354