CVE-2017-1374

Опубликовано: 21 июл. 2017

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

Sensitive data can be exposed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 that can lead to an attacker gaining unauthorized access to the system. IBM X-Force ID: 126867.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22004681
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/126867
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22004681
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/126867
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tririga_application_platform:3.3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.3.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.4.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tririga_application_platform:3.5.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00261

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-pfwx-cg86-975q