CVE-2015-4989

Name of the Vulnerable Software and Affected Versions IBM Tealeaf Customer Experience versions prior to 8.7.1.8814 IBM Tealeaf Customer Experience versions prior to 8.8.0.9026 IBM Tealeaf Customer Experience version 9.0.0 IBM Tealeaf Customer Experience version 9.0.0A IBM Tealeaf Customer Experience versions prior to 9.0.1.1083 IBM Tealeaf Customer Experience versions prior to 9.0.1.5073 IBM Tealeaf Customer Experience versions prior to 9.0.2.1095 IBM Tealeaf Customer Experience versions prior to 9.0.2.5144

Description The issue allows remote attackers to read arbitrary charts by specifying an internal chart name.

Recommendations For versions prior to 8.7.1.8814, update to version 8.7.1.8814 or later. For versions prior to 8.8.0.9026, update to version 8.8.0.9026 or later. For version 9.0.0, update to a later version. For version 9.0.0A, update to a later version. For versions prior to 9.0.1.1083, update to version 9.0.1.1083 or later. For versions prior to 9.0.1.5073, update to version 9.0.1.5073 or later. For versions prior to 9.0.2.1095, update to version 9.0.2.1095 or later. For versions prior to 9.0.2.5144, update to version 9.0.2.5144 or later.