IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily.Referenceshttp://www.ibm.com/support/docview.wss?uid=swg21995903http://www.securityfocus.com/bid/95195
