) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:ibm:tririga_application_platform:3.5.3.0
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-4868 |
IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190744. Published: July 30, 2023; 10:15:09 PM -0400 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
| CVE-2019-4208 |
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 159129. Published: May 07, 2019; 3:29:01 PM -0400 |
V3.1: 7.1 HIGH V2.0: 5.5 MEDIUM |
| CVE-2019-4207 |
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. IBM X-Force ID: 159148. Published: May 07, 2019; 3:29:01 PM -0400 |
V3.1: 3.3 LOW V2.0: 2.1 LOW |
| CVE-2018-2008 |
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. IBM X-Force ID: 155146. Published: May 07, 2019; 3:29:00 PM -0400 |
V3.0: 4.3 MEDIUM V2.0: 4.0 MEDIUM |