CVE-2016-5968

Опубликовано: 25 нояб. 2016

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 allows remote attackers to conduct SSRF attacks via unspecified vectors.

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg21989374
Vendor Advisory
http://www.securityfocus.com/bid/94516
http://www-01.ibm.com/support/docview.wss?uid=swg21989374
Vendor Advisory
http://www.securityfocus.com/bid/94516

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tealeaf_customer_experience:*:*:*:*:*:*:*:*

Версия до 8.6 (включая)

cpe:2.3:a:ibm:tealeaf_customer_experience:8.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tealeaf_customer_experience:8.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tealeaf_customer_experience:9.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tealeaf_customer_experience:9.0.0a:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tealeaf_customer_experience:9.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tealeaf_customer_experience:9.0.1a:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tealeaf_customer_experience:9.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tealeaf_customer_experience:9.0.2a:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00205

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-918

Связанные уязвимости

GHSA-328r-gg4v-8wh6