Exposure of Operational State in IBM Tealeaf Consumer Experience
CVE-2016-0382

4MEDIUM

Key Information:

Vendor: IBM Corporation
Status: Tealeaf Customer Experience
Vendor: CVE Published:; 3 May 2017

Summary

The IBM Tealeaf Consumer Experience versions 8.7, 8.8, and 9.0 reveal certain operational states that may be unintentionally captured by network components such as IIS. This exposure could lead to sensitive information being accessible, impacting the overall security posture of the affected systems. For further details, refer to IBM's support documentation.

Affected Version(s)

Tealeaf Customer Experience 8.7, 8.8, 9.0.0, 9.0.1, 9.0.2

References

http://www.securityfocus.com/bid/98301

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg22000590

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2017
Vulnerability Reserved
Dec 8, 2015