Information Disclosure in IBM TRIRIGA Application Platform
CVE-2018-2008

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Tririga Application Platform
Vendor: CVE Published:; 6 May 2019

🔔 Create IBM Vulnerability Alert

What is CVE-2018-2008?

The IBM TRIRIGA Application Platform versions 3.5.3 and 3.6.0 are subject to an information disclosure vulnerability that allows an authenticated user to access sensitive information. This exposure potential could facilitate further attacks against the system, making it vital for organizations to ensure immediate patching and security assessments.

Affected Version(s)

TRIRIGA Application Platform 3.5.3

TRIRIGA Application Platform 3.6.0

References

http://www.ibm.com/support/docview.wss?uid=ibm10879463

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/155146

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/108843

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2019
Vulnerability Reserved
Dec 13, 2017

.