Information Disclosure Vulnerability in IBM TRIRIGA Application Platform
CVE-2016-0299

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Tririga Application Platform
Vendor: CVE Published:; 28 February 2018

Summary

IBM TRIRIGA Application Platform versions 3.3 prior to 3.3.2.6, 3.4 prior to 3.4.2.3, and 3.5 prior to 3.5.0.1 present an information disclosure vulnerability that allows remote attackers to exploit specific database queries. This exploit can lead to the unauthorized exposure of sensitive information, potentially compromising the integrity and confidentiality of the affected systems. Organizations using these versions are strongly advised to update to the latest versions to mitigate the risks associated with this vulnerability.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21981155

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/111382

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 28, 2018
Vulnerability Reserved
Dec 8, 2015