CVE-2014-8895

Name of the Vulnerable Software and Affected Versions IBM TRIRIGA Application Platform versions 3.2.1.x through 3.3.2 before 3.3.2.3 IBM TRIRIGA Application Platform versions 3.4.1 before 3.4.1.1

Description The issue allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via a crafted URL.

Recommendations For versions 3.2.1.x, update to a version after 3.3.2.3 or apply the necessary patches to restrict access to image files. For versions 3.3.2 before 3.3.2.3, update to version 3.3.2.3 or later to fix the issue. For versions 3.4.1 before 3.4.1.1, update to version 3.4.1.1 or later to resolve the problem.