Vulnerability Database

309,130

Total vulnerabilities in the database

CVE-2016-2953

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.

Published: Nov 30, 2016
Updated: Nov 9, 2025
CVE: CVE-2016-2953
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-310

Affected Software
References

Software	From	Fixed in
ibm / connections	4.5.0.0	4.5.0.0.x
ibm / connections	5.0.0.0	5.0.0.0.x
ibm / connections	4.0.0.0	4.0.0.0.x

http://www-01.ibm.com/support/docview.wss?uid=swg1LO90268
http://www-01.ibm.com/support/docview.wss?uid=swg1LO90295
http://www-01.ibm.com/support/docview.wss?uid=swg21990888
http://www.securityfocus.com/bid/94415

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo