Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8895

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-8895
Last Modified 17 Sep 2015 02:11:55
Published 28 Jan 2015 08:59:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-8895

Summary

IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via a crafted URL.

Vulnerable Systems

Application

  • Ibm Tririga Application Platform 3.2.1

  • Ibm Tririga Application Platform 3.3.2.0

  • Ibm Tririga Application Platform 3.3.2.1

  • Ibm Tririga Application Platform 3.3.2.2

  • Ibm Tririga Application Platform 3.4.0.0

  • Ibm Tririga Application Platform 3.4.0.1

  • Ibm Tririga Application Platform 3.4.1.0


References

XF - ibm-tririga-cve20148895-auth(99014)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21694771

BID - 72430

SECUNIA - 62674


Last Updated: 27 May 2016 11:07:42