Local User Credential Exposure in IBM Tealeaf Customer Experience
CVE-2015-4990

4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
2 January 2016

Summary

The IBM Tealeaf Customer Experience portal contains design flaws that permit local users to potentially access sensitive credentials through privilege escalation during certain connection types. This vulnerability spans multiple product versions, enabling unauthorized disclosure of information that could be leveraged for further attacks. Organizations using affected versions should consider immediate patching and review their security practices to mitigate risks.

References

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.