Local User Credential Exposure in IBM Tealeaf Customer Experience
CVE-2015-4990
4MEDIUM
Summary
The IBM Tealeaf Customer Experience portal contains design flaws that permit local users to potentially access sensitive credentials through privilege escalation during certain connection types. This vulnerability spans multiple product versions, enabling unauthorized disclosure of information that could be leveraged for further attacks. Organizations using affected versions should consider immediate patching and review their security practices to mitigate risks.
References
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved