CVE-2016-2953

Sažetak

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.

Reference

http://www.securityfocus.com/bid/94415
http://www-01.ibm.com/support/docview.wss?uid=swg1LO90268
http://www-01.ibm.com/support/docview.wss?uid=swg1LO90295
http://www-01.ibm.com/support/docview.wss?uid=swg21990888

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

30-11-2016 - 20:35

Objavljeno

30-11-2016 - 11:59