CVE-2015-4988

HIGH

IBM Tealeaf CX Path Traversal (8.7.1.8818, 8.8.0.9026, 9.0.0, 9.0.1.1083, 9.0.2.1095)

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the replay server in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary files via unspecified vectors.

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21968868

Scores

CVSS v3 8.6
EPSS 0.0301
EPSS Percentile 85.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (9)
ibm/tealeaf_customer_experience 8.7
ibm/tealeaf_customer_experience 8.8
ibm/tealeaf_customer_experience 9.0.0
ibm/tealeaf_customer_experience 9.0.0a
ibm/tealeaf_customer_experience 9.0.1
ibm/tealeaf_customer_experience 9.0.1a
ibm/tealeaf_customer_experience 9.0.2
ibm/tealeaf_customer_experience 9.0.2a
ibm/tealeaf_customer_experience < 8.6
Published Jan 18, 2016
Tracked Since Feb 18, 2026