CVE-2016-2983

CWE-20 — Improper Input Validation3 documents3 sources

Severity

8.1HIGH

EPSS

0.5%

top 32.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tealeaf Customer Experience

Timeline

PublishedJan 26

Latest updateMay 14

Description

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm/tealeaf_customer_experience8.7, 8.8, 9.0.2+2

▶NVDibm/tealeaf_customer_experience8.7, 8.8, 9.0.2+2

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-3wjc-53m5-ffxg: IBM Tealeaf Customer Experience 8↗2022-05-14

▶

CVEList

CVE-2016-2983: IBM Tealeaf Customer Experience 8↗2018-01-26

▶