CVE-2015-4961 — LOW (2.6) — White Hats Nepal

Q: How severe is CVE-2015-4961?

CVE-2015-4961 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-4961?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tealeaf Customer Experience.

Vulnerability Description

IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 does not encrypt connections between internal servers, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.

CVSS Score

2.6

LOW

CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Ibm	Tealeaf Customer Experience	<= 8.6

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-4961?

CVE-2015-4961 is a vulnerability with a CVSS score of 2.6 (LOW). IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A be...

How severe is CVE-2015-4961?

CVE-2015-4961 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-4961?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tealeaf Customer Experience.