Ibm

Tririga Application Platform

46 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2020-4868

  • EPSS 0.05%
  • Published 31.07.2023 02:15:09
  • Last modified 21.11.2024 05:33:20

IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 1...

7.1

CVE-2023-27876

  • EPSS 0.04%
  • Published 07.04.2023 14:15:07
  • Last modified 21.11.2024 07:53:37

IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249975.

5.4

CVE-2022-43914

  • EPSS 0.14%
  • Published 07.04.2023 14:15:07
  • Last modified 21.11.2024 07:27:21

IBM TRIRIGA Application Platform 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within...

7.5

CVE-2020-4277

  • EPSS 0.18%
  • Published 17.04.2020 14:15:18
  • Last modified 21.11.2024 05:32:30

IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive information in error messages that could aid an attacker formulate future attacks. IBM X-Force ID: 175993.

7.1

CVE-2019-4208

  • EPSS 0.38%
  • Published 07.05.2019 19:29:01
  • Last modified 21.11.2024 04:43:18

IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. ...

3.3

CVE-2019-4207

  • EPSS 0.04%
  • Published 07.05.2019 19:29:01
  • Last modified 21.11.2024 04:43:18

IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. IBM X-Force ID: 159148.

4.3

CVE-2018-2008

  • EPSS 0.17%
  • Published 07.05.2019 19:29:00
  • Last modified 21.11.2024 04:03:35

IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. IBM X-Force ID: 155146.

5.3

CVE-2016-0299

  • EPSS 0.17%
  • Published 28.02.2018 17:29:00
  • Last modified 21.11.2024 02:41:27

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to obtain sensitive information via vectors involving a database query. IBM X-Force ID: 111382.

5.4

CVE-2016-0344

  • EPSS 0.13%
  • Published 21.02.2018 16:29:00
  • Last modified 21.11.2024 02:41:31

Cross-site scripting (XSS) vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vec...

4.3

CVE-2016-0343

  • EPSS 0.12%
  • Published 21.02.2018 16:29:00
  • Last modified 21.11.2024 02:41:31

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 111784.