CVE-2017-1374

MEDIUM

IBM TRIRIGA App Plat <3.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

Sensitive data can be exposed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 that can lead to an attacker gaining unauthorized access to the system. IBM X-Force ID: 126867.

References (2)

Core 2
Core References
VDB Entry, Vendor Advisory x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/126867
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg22004681

Scores

CVSS v3 6.5
EPSS 0.0106
EPSS Percentile 60.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (44)
IBM/TRIRIGA Application Platform 3.3
IBM/TRIRIGA Application Platform 3.3.1
IBM/TRIRIGA Application Platform 3.3.2
IBM/TRIRIGA Application Platform 3.4
IBM/TRIRIGA Application Platform 3.4.1
IBM/TRIRIGA Application Platform 3.4.2
IBM/TRIRIGA Application Platform 3.5
IBM/TRIRIGA Application Platform 3.5.1
IBM/TRIRIGA Application Platform 3.5.2
ibm/tririga_application_platform 3.3.0.0
... and 34 more
Published Jul 21, 2017
Tracked Since Feb 18, 2026