Описание
The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via unspecified vectors.
Ссылки
- Vendor Advisory
- MitigationVendor Advisory
- Vendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:tririga_application_platform:10.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tririga_application_platform:10.5:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00511
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via unspecified vectors.
EPSS
Процентиль: 66%
0.00511
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-264