CVE-2016-0300

MEDIUM

IBM TRIRIGA Application Platform <3.3.2.6, <3.4.2.3, <3.5.0.1 - Inf...

Title source: llm
STIX 2.1

Description

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 might allow remote attackers to access arbitrary JSP pages via vectors related to improper input validation. IBM X-Force ID: 111412.

References (2)

Core 2
Core References
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/111412
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21979760

Scores

CVSS v3 5.4
EPSS 0.0077
EPSS Percentile 51.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-20
Status published
Products (20)
ibm/tririga_application_platform 3.3.0.0
ibm/tririga_application_platform 3.3.0.1
ibm/tririga_application_platform 3.3.0.2
ibm/tririga_application_platform 3.3.1.0
ibm/tririga_application_platform 3.3.1.1
ibm/tririga_application_platform 3.3.1.2
ibm/tririga_application_platform 3.3.1.3
ibm/tririga_application_platform 3.3.2.0
ibm/tririga_application_platform 3.3.2.1
ibm/tririga_application_platform 3.3.2.3
... and 10 more
Published Feb 02, 2018
Tracked Since Feb 18, 2026