CVE-2015-4961

Name of the Vulnerable Software and Affected Versions IBM Tealeaf Customer Experience versions 8.x through 8.7.1.8847 FP9 IBM Tealeaf Customer Experience versions 8.8.x through 8.8.0.9049 FP8 IBM Tealeaf Customer Experience version 9.0.0 IBM Tealeaf Customer Experience version 9.0.1 through 9.0.1.1117 FP4 IBM Tealeaf Customer Experience version 9.0.1A through 9.0.1.5108 FP4 IBM Tealeaf Customer Experience version 9.0.2 through 9.0.2.1223 FP2 IBM Tealeaf Customer Experience version 9.0.2A through 9.0.2.5224 FP2

Description The issue allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic because connections between internal servers are not encrypted.

Recommendations For versions 8.x through 8.7.1.8847 FP9, update to version 8.7.1.8847 FP10. For versions 8.8.x through 8.8.0.9049 FP8, update to version 8.8.0.9049 FP9. For version 9.0.0, update to a fixed version. For versions 9.0.1 through 9.0.1.1117 FP4, update to version 9.0.1.1117 FP5. For versions 9.0.1A through 9.0.1.5108 FP4, update to version 9.0.1.5108 FP5. For versions 9.0.2 through 9.0.2.1223 FP2, update to version 9.0.2.1223 FP3. For versions 9.0.2A through 9.0.2.5224 FP2, update to version 9.0.2.5224 FP3.