4.3

CVE-2017-1171

The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a vulnerability that could allow an authenticated user to execute Application actions they do not have access to. IBM Reference #: 2001083.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmTririga Application Platform Version3.3.0.0
IbmTririga Application Platform Version3.3.0.1
IbmTririga Application Platform Version3.3.0.2
IbmTririga Application Platform Version3.3.1.0
IbmTririga Application Platform Version3.3.1.1
IbmTririga Application Platform Version3.3.1.2
IbmTririga Application Platform Version3.3.1.3
IbmTririga Application Platform Version3.3.2.0
IbmTririga Application Platform Version3.3.2.1
IbmTririga Application Platform Version3.3.2.2
IbmTririga Application Platform Version3.3.2.3
IbmTririga Application Platform Version3.3.2.4
IbmTririga Application Platform Version3.3.2.5
IbmTririga Application Platform Version3.4.0.0
IbmTririga Application Platform Version3.4.0.1
IbmTririga Application Platform Version3.4.1.0
IbmTririga Application Platform Version3.4.1.1
IbmTririga Application Platform Version3.4.1.2
IbmTririga Application Platform Version3.4.1.3
IbmTririga Application Platform Version3.4.2.0
IbmTririga Application Platform Version3.4.2.1
IbmTririga Application Platform Version3.4.2.2
IbmTririga Application Platform Version3.4.2.3
IbmTririga Application Platform Version3.4.2.4
IbmTririga Application Platform Version3.4.2.5
IbmTririga Application Platform Version3.5.0.0
IbmTririga Application Platform Version3.5.0.1
IbmTririga Application Platform Version3.5.0.2
IbmTririga Application Platform Version3.5.1.1
IbmTririga Application Platform Version3.5.1.2
IbmTririga Application Platform Version3.5.1.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.67% 0.472
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/bid/97245
Third Party Advisory
VDB Entry
https://www.ibm.com/support/docview.wss?uid=swg22001083
Patch
Vendor Advisory