First published: Wed Nov 30 2016(Updated: )
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Connections | =4.0.0.0 | |
IBM Connections | =4.5.0.0 | |
IBM Connections | =5.0.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.