Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a .. (dot dot) in the log parameter, as demonstrated using a crafted request for a customer-support file, as demonstrated by a log file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Tealeaf CX 目录遍历漏洞
Vulnerability Description
IBM Tealeaf CX是美国IBM公司的一套客户体验管理解决方案。该方案可帮助组织体验网络和移动商务的不足,从而执行和优化跨数字、社交和传统渠道的营销活动。 IBM Tealeaf CX 7.1和7.2版本及8.0至8.8版本的Passive Capture Application (PCA) Web控制台存在目录遍历漏洞。远程攻击者可利用该漏洞包含任意文件。
CVSS Information
N/A
Vulnerability Type
N/A