CVE-2015-4987

CWE-287 — Improper Authentication3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.1%

top 69.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tealeaf Customer Experience

Timeline

PublishedMar 27

Latest updateMay 14

Description

The search and replay servers in IBM Tealeaf Customer Experience 8.0 through 9.0.2 allow remote attackers to bypass authentication via unspecified vectors. IBM X-Force ID: 105896.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages1 packages

▶NVDibm/tealeaf_customer_experience8.0 — 9.0.2

🔴Vulnerability Details

GHSA

GHSA-mqvh-83g7-mc9g: The search and replay servers in IBM Tealeaf Customer Experience 8↗2022-05-14

▶

CVEList

CVE-2015-4987: The search and replay servers in IBM Tealeaf Customer Experience 8↗2018-03-27

▶