U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:ibm:tririga_application_platform:3.3.1
There are 7 matching records.
Displaying matches 1 through 7.
Vuln ID Summary CVSS Severity
CVE-2020-4868

IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190744.

Published: July 30, 2023; 10:15:09 PM -0400 		V3.1: 5.3 MEDIUM
 V2.0:(not available)
CVE-2016-0299

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to obtain sensitive information via vectors involving a database query. IBM X-Force ID: 111382.

Published: February 28, 2018; 12:29:00 PM -0500 		V3.0: 5.3 MEDIUM
 V2.0: 5.0 MEDIUM
CVE-2016-0345

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786.

Published: February 21, 2018; 11:29:00 AM -0500 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2016-0344

Cross-site scripting (XSS) vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111785.

Published: February 21, 2018; 11:29:00 AM -0500 		V3.0: 5.4 MEDIUM
 V2.0: 3.5 LOW
CVE-2016-0343

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 111784.

Published: February 21, 2018; 11:29:00 AM -0500 		V3.0: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2016-0342

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to read or modify arbitrary reports by leveraging an incorrect grant of access. IBM X-Force ID: 111783.

Published: February 02, 2018; 4:29:00 PM -0500 		V3.0: 5.4 MEDIUM
 V2.0: 5.5 MEDIUM
CVE-2016-0312

IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive information via vectors related to granting unauthenticated access to Document Manager. IBM X-Force ID: 111486.

Published: February 02, 2018; 4:29:00 PM -0500 		V3.0: 7.5 HIGH
 V2.0: 5.0 MEDIUM