CVE-2013-0474 in Rational Policy Tester
Summary
by MITRE
The Manual Explore browser plug-in in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to discover test Platform Authentication credentials via a crafted web site.
Analysis
by VulDB Data Team • 02/06/2018
The vulnerability identified as CVE-2013-0474 is a critical information disclosure flaw in IBM Security AppScan Enterprise and IBM Rational Policy Tester. It affects AppScan Enterprise 5.6 and 8.x before 8.7, and Policy Tester 5.6 and 8.x before 8.5.0.4, creating a significant security risk for organizations relying on these tools for application security testing. The flaw exists within the Manual Explore browser plug-in, which is designed to facilitate manual security testing activities but inadvertently exposes sensitive authentication credentials during normal web browsing operations.
The technical implementation of this vulnerability stems from improper handling of authentication credentials within the browser plug-in's interaction with web platforms. Attackers can construct malicious websites that trigger the plug-in to reveal stored Platform Authentication credentials, effectively bypassing normal security controls that should protect these sensitive authentication tokens. This occurs through crafted web content that exploits the plug-in's credential handling mechanisms, allowing unauthorized access to authentication information that should remain protected within the secure testing environment. The vulnerability operates at the application layer and leverages web browser interactions to execute the information disclosure attack.
The operational impact of this vulnerability extends beyond simple credential exposure, as it fundamentally undermines the security posture of organizations using these security testing tools. When authentication credentials are disclosed, attackers gain access to the testing platform itself, potentially enabling them to perform unauthorized testing activities, access sensitive test data, or escalate privileges within the security testing environment. This represents a significant compromise of the integrity and confidentiality of the security testing infrastructure, as the very tools designed to protect applications become vectors for credential theft. The vulnerability affects organizations that depend on these tools for automated and manual security testing operations, creating a dangerous situation where the security testing environment becomes a potential attack surface.
Organizations should implement immediate mitigations including applying the vendor-provided security patches for IBM Security AppScan Enterprise and IBM Rational Policy Tester versions affected by this vulnerability. The remediation process requires updating to the secure versions 8.7 for AppScan Enterprise and 8.5.0.4 for Policy Tester, which contain fixes addressing the credential disclosure flaw. Network segmentation and access controls should be strengthened to limit exposure of these tools to untrusted networks, while monitoring systems should be enhanced to detect anomalous behavior related to credential access patterns. Additionally, organizations should conduct comprehensive credential rotation for any systems that may have been compromised, following industry best practices for credential management and security incident response. This vulnerability aligns with CWE-200, which addresses information exposure, and represents a significant risk under ATT&CK technique T1552, credential access through exploitation of software vulnerabilities.
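The version boundaries in the remediation guidance above, as an added inventory check (not part of the original advisory or of IBM's tooling): it compares dotted versions numerically, so a two-digit component is not mistaken for a smaller one, and flags anything it cannot evaluate for manual review. The product-name keys, hostnames and sample versions are constructed for illustration.

```python
import re

# Fixed releases per the advisory; 5.6 and 8.x before these are listed as affected.
FIXED = {
    "IBM Security AppScan Enterprise": (8, 7),
    "IBM Rational Policy Tester": (8, 5, 0, 4),
}

def parse_version(text):
    """Turn '8.5.0.3' into (8, 5, 0, 3); reject anything that is not dotted digits."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part) for part in text.split("."))

def is_affected(product, version_text):
    """True if the version falls in the range the advisory lists as vulnerable."""
    fixed = FIXED[product]
    v = parse_version(version_text)
    width = max(len(v), len(fixed))
    # Pad with zeros so '8.7' and '8.7.0.0' compare as equal.
    v, fixed = (t + (0,) * (width - len(t)) for t in (v, fixed))
    if v[:2] == (5, 6):      # 5.6 is listed as affected for both products
        return True
    if v[0] == 8:            # 8.x before the fixed release
        return v < fixed     # tuple compare is numeric, unlike string compare
    return False             # other versions are not listed on this page

def triage(inventory):
    """inventory: iterable of (host, product, version); returns rows needing action."""
    findings = []
    for host, product, version in inventory:
        try:
            if is_affected(product, version):
                findings.append((host, product, version))
        except (KeyError, ValueError):
            # Unknown product name or odd version string: do not silently pass it.
            findings.append((host, product, f"{version} (review manually)"))
    return findings

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("scan-01", "IBM Security AppScan Enterprise", "8.6.0.2"),
    ("scan-02", "IBM Security AppScan Enterprise", "8.7"),
    ("scan-03", "IBM Rational Policy Tester", "8.5.0.3"),
    ("scan-04", "IBM Rational Policy Tester", "8.5.0.4"),
    ("scan-05", "IBM Rational Policy Tester", "5.6"),
    ("scan-06", "IBM Security AppScan Enterprise", "8.10"),
]
if __name__ == "__main__": print(*triage(SAMPLE), sep="\n")
```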