Unauthorized Access Flaw in IBM TRIRIGA Application Platform
CVE-2017-1371

8.8HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
21 July 2017

Summary

The Builder tools in IBM TRIRIGA Application Platform versions 3.3, 3.4, and 3.5 have a security flaw that may enable an authenticated user to perform actions within the Builder tool that they are otherwise restricted from. This could lead to unauthorized changes or data exposure within the application, highlighting the need for robust access control mechanisms.

Affected Version(s)

TRIRIGA Application Platform 3.3.2

TRIRIGA Application Platform 3.4

TRIRIGA Application Platform 3.4.1

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.