Unauthorized Access Flaw in IBM TRIRIGA Application Platform
CVE-2017-1371
8.8HIGH
Summary
The Builder tools in IBM TRIRIGA Application Platform versions 3.3, 3.4, and 3.5 have a security flaw that may enable an authenticated user to perform actions within the Builder tool that they are otherwise restricted from. This could lead to unauthorized changes or data exposure within the application, highlighting the need for robust access control mechanisms.
Affected Version(s)
TRIRIGA Application Platform 3.3.2
TRIRIGA Application Platform 3.4
TRIRIGA Application Platform 3.4.1
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved