CVE-2015-4990

MEDIUM

IBM Tealeaf Customer Experience < 8.6 - Information Disclosure

Title source: rule

Description

The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows local users to discover credentials by leveraging privileges during an unspecified connection type.

References (1)

Scores

CVSS v3 4.0
EPSS 0.0006
EPSS Percentile 17.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N

Classification

CWE
CWE-200
Status draft

Affected Products (9)

ibm/tealeaf_customer_experience < 8.6
ibm/tealeaf_customer_experience
ibm/tealeaf_customer_experience
ibm/tealeaf_customer_experience
ibm/tealeaf_customer_experience
ibm/tealeaf_customer_experience
ibm/tealeaf_customer_experience
ibm/tealeaf_customer_experience
ibm/tealeaf_customer_experience

Timeline

Published Jan 02, 2016
Tracked Since Feb 18, 2026