4.3

CVE-2016-2953

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmConnections Version4.0.0.0
IbmConnections Version4.5.0.0
IbmConnections Version5.0.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.27% 0.66
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.7 2.2 1.4
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www-01.ibm.com/support/docview.wss?uid=swg1LO90268
Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg1LO90295
Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21990888
Patch
Vendor Advisory
http://www.securityfocus.com/bid/94415
Third Party Advisory
VDB Entry