CVE-2015-7238

Name of the Vulnerable Software and Affected Versions Threat Intelligence Exchange (TIE) versions prior to 1.2.0

Description The issue concerns weak permissions set for configuration files and installation logs in the Secondary server of Threat Intelligence Exchange (TIE). This weakness allows local users to access sensitive information by reading these files.

Recommendations For versions prior to 1.2.0, update to version 1.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the configuration files and installation logs to minimize the risk of exploitation.