3 matches found
Security Bulletin: IBM Tealeaf Customer Experience internal connections not encrypted (CVE-2015-4961)
Summary Internal connections between IBM Tealeaf Customer Experience servers use unencrypted HTTP. Vulnerability Details CVEID: CVE-2015-4961 DESCRIPTION: In an IBM Tealeaf environment with multiple servers, connections to the Tealeaf Data Service, Search Service, Replay Service, and Tracking...
CVE-2015-4961
IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 does not encrypt connections between internal servers, which allows remote...
CVE-2015-4961
CVE-2015-4961 affects IBM Tealeaf Customer Experience up to certain builds where internal server connections (Data Service, Search Service, Replay Service, Tracking Service) use unencrypted HTTP. This creates network-sniffing risk for sensitive data on multi-server deployments. Affected versions:...