Search Results (Refine Search)
- CPE Product Version: cpe:/a:ibm:tririga_application_platform:3.3.0.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-2882 |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to obtain sensitive information by reading HTTP responses. Published: July 02, 2016; 10:59:15 AM -0400 |
V3.0: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-0386 |
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for requests that delete employees. Published: July 02, 2016; 10:59:00 AM -0400 |
V3.0: 8.0 HIGH V2.0: 6.0 MEDIUM |
CVE-2016-0374 |
The builder tools in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allow remote authenticated users to gain privileges for application modification via unspecified vectors. Published: June 30, 2016; 9:59:03 PM -0400 |
V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2016-0362 |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet or Internet hosts, via a crafted proxy request to a web service. Published: June 30, 2016; 9:59:00 PM -0400 |
V3.0: 7.7 HIGH V2.0: 4.0 MEDIUM |