CVE-2016-0345

MEDIUM

IBM TRIRIGA Application Platform <3.3.2.6, <3.4.2.3, <3.5.0.1 - Inf...

Title source: llm
STIX 2.1

Description

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786.

References (2)

Core 2
Core References
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
http://exchange.xforce.ibmcloud.com/vulnerabilities/111786
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21980233

Scores

CVSS v3 4.3
EPSS 0.0096
EPSS Percentile 57.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
ibm/tririga_application_platform 3.5.0.0
ibm/tririga_application_platform 3.3.0.0 - 3.3.2.6
Published Feb 21, 2018
Tracked Since Feb 18, 2026