Tealeaf Customer Experience Security Vulnerabilities and Issues — Tealeaf Customer Experience CVE List

Lucene search

IbmTealeaf Customer Experience

15 matches found

CVE•added 2016/09/26 4:59 a.m.•75 views

CVE-2016-5978

Cross-site scripting (XSS) vulnerability in the Web UI in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A...

5.4CVSS5.2AI score0.00168EPSS

CVE•added 2016/11/24 7:59 p.m.•40 views

CVE-2015-4961

IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 does not encrypt connections between internal servers, which allows remote atta...

2.9CVSS4AI score0.00096EPSS

CVE•added 2016/01/18 5:59 a.m.•40 views

CVE-2015-4988

Directory traversal vulnerability in the replay server in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary files...

8.6CVSS8.2AI score0.00494EPSS

CVE•added 2016/01/02 5:59 a.m.•39 views

CVE-2015-4989

The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary charts by specifying an internal chart name.

5CVSS4.5AI score0.00207EPSS

CVE•added 2018/01/26 9:29 p.m.•38 views

CVE-2016-2983

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999.

8.1CVSS7.8AI score0.00558EPSS

CVE•added 2016/11/25 3:59 a.m.•38 views

CVE-2016-5968

The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 allows remote attackers to conduct SSRF attacks via unspec...

5.3CVSS5.5AI score0.00205EPSS

CVE•added 2018/01/26 9:29 p.m.•38 views

CVE-2017-1279

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 124757.

6.5CVSS6.8AI score0.00672EPSS

CVE•added 2018/03/27 5:29 p.m.•37 views

CVE-2015-4987

The search and replay servers in IBM Tealeaf Customer Experience 8.0 through 9.0.2 allow remote attackers to bypass authentication via unspecified vectors. IBM X-Force ID: 105896.

6.5CVSS6.9AI score0.00153EPSS

CVE•added 2016/09/26 4:59 a.m.•37 views

CVE-2016-5977

Open redirect vulnerability in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenti...

6.8CVSS6.2AI score0.00113EPSS

CVE•added 2018/01/26 9:29 p.m.•37 views

CVE-2017-1204

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains hard-coded credentials. A remote attacker could exploit this vulnerability to gain access to the system. IBM X-Force ID: 123740.

9.8CVSS9.1AI score0.0123EPSS

CVE•added 2016/01/02 5:59 a.m.•34 views

CVE-2015-4990

The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows local users to discover credentials by leveraging privileges during an unspecified c...

4CVSS4.4AI score0.00055EPSS

CVE•added 2016/09/26 4:59 a.m.•33 views

CVE-2016-5976

The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to discover compone...

4.9CVSS5.3AI score0.00255EPSS

CVE•added 2016/09/26 4:59 a.m.•31 views

CVE-2016-5996

The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 does not enforce password-length restrictions, which ...

7.5CVSS7.2AI score0.00252EPSS

CVE•added 2016/09/26 4:59 a.m.•29 views

CVE-2016-5975

5.4CVSS5.2AI score0.00168EPSS

CVE•added 2016/09/26 4:59 a.m.•29 views

CVE-2016-5997

The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 does not apply password-quality rules to password cha...

6.5CVSS6.5AI score0.00109EPSS