Sensitive Information Disclosure in IBM TRIRIGA Application Platform
CVE-2020-4277

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Tririga Application Platform
Vendor: CVE Published:; 17 April 2020

Summary

The IBM TRIRIGA Application Platform versions 3.5.3 and 3.6.1 have a vulnerability that exposes sensitive information in error messages. This disclosure can potentially provide attackers with insights that could facilitate the execution of future attacks. It is crucial for users of these versions to implement security best practices and review the provided references for updates and mitigation strategies.

Affected Version(s)

TRIRIGA Application Platform 3.5.3

TRIRIGA Application Platform 3.6.1

References

https://www.ibm.com/support/pages/node/6193467

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/175993

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 17, 2020
Vulnerability Reserved
Dec 30, 2019