Design/Logic Flaw

2016-09-2604:59:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.3%

JSON

The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 does not enforce password-length restrictions, which makes it easier for remote attackers to obtain access via a brute-force attack.

CPENameOperatorVersion
tealeaf_customer_experienceeq9.0.197
tealeaf_customer_experienceeq9.0.2
tealeaf_customer_experiencele8.7
tealeaf_customer_experienceeq9.0.0
tealeaf_customer_experienceeq9.0.1
tealeaf_customer_experienceeq9.0.297
tealeaf_customer_experienceeq8.8

Name	Operator	Version
tealeaf_customer_experience	eq	9.0.197
tealeaf_customer_experience	eq	9.0.2
tealeaf_customer_experience	le	8.7
tealeaf_customer_experience	eq	9.0.0
tealeaf_customer_experience	eq	9.0.1
tealeaf_customer_experience	eq	9.0.297
tealeaf_customer_experience	eq	8.8