Remote Server Access Vulnerability in IBM Tealeaf Customer Experience
CVE-2016-5968

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Tealeaf Customer Experience
Vendor: CVE Published:; 25 November 2016

What is CVE-2016-5968?

The Replay Server in IBM Tealeaf Customer Experience versions below 8.7.1.8847 FP10, 8.8.0.9049 FP9, and several 9.x versions is vulnerable to Server-Side Request Forgery (SSRF) attacks. This vulnerability allows remote attackers to exploit the application through unspecified methods, potentially leading to unauthorized access to internal services and resources. Organizations using affected versions of Tealeaf should take immediate action to apply the necessary patches and secure their systems against such attacks.

References

http://www.securityfocus.com/bid/94516

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg21989374

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 25, 2016
Vulnerability Reserved
Jun 29, 2016