PT-2016-5299 · Ibm · Ibm Connections

Published

2016-11-30

Updated

2016-11-30

CVE-2016-2953

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Connections versions 4.0 through 5.0 before CR4

Description The issue allows remote attackers to obtain sensitive cleartext information by sniffing the network, as the software does not require SSL.

Recommendations For versions 4.0 through 5.0 before CR4, consider enabling SSL to encrypt the network traffic and prevent sensitive information from being intercepted.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2016-2953

Affected Products

Ibm Connections

PT-2016-5299 · Ibm · Ibm Connections

CVE-2016-2953

Weakness Enumeration

Related Identifiers

Affected Products

References · 6