Information Disclosure Vulnerability in IBM Tealeaf Customer Experience
CVE-2015-4961

2.6LOW

Key Information:

Vendor: IBM
Status: Tealeaf Customer Experience
Vendor: CVE Published:; 24 November 2016

Summary

IBM Tealeaf Customer Experience versions prior to specified releases do not secure communications between internal servers, enabling remote attackers to intercept and retrieve sensitive information through unencrypted HTTP traffic. This vulnerability poses significant risks for data privacy, highlighting the need for secure data transmission practices within network infrastructures.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21965077

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94976

vdb-entryx_refsource_BID

CVSS V3.1

Score:

2.6

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 24, 2016
Vulnerability Reserved
Jun 24, 2015