IBM Tririga Application Platform
By the Year
In 2024 there have been 0 vulnerabilities in IBM Tririga Application Platform . Last year Tririga Application Platform had 3 security vulnerabilities published. Right now, Tririga Application Platform is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 3 | 5.93 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 1 | 7.50 |
2019 | 3 | 4.90 |
2018 | 0 | 0.00 |
It may take a day or so for new Tririga Application Platform vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Tririga Application Platform Security Vulnerabilities
IBM TRIRIGA 3.0, 4.0, and 4.4 could
CVE-2020-4868
5.3 - Medium
- July 31, 2023
IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190744.
Generation of Error Message Containing Sensitive Information
IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data
CVE-2023-27876
7.1 - High
- April 07, 2023
IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249975.
XXE
IBM TRIRIGA Application Platform 4.0 is vulnerable to cross-site scripting
CVE-2022-43914
5.4 - Medium
- April 07, 2023
IBM TRIRIGA Application Platform 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 241036.
XSS
IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive information in error messages
CVE-2020-4277
7.5 - High
- April 17, 2020
IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive information in error messages that could aid an attacker formulate future attacks. IBM X-Force ID: 175993.
Information Disclosure
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user
CVE-2018-2008
4.3 - Medium
- May 07, 2019
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. IBM X-Force ID: 155146.
Information Disclosure
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user
CVE-2019-4207
3.3 - Low
- May 07, 2019
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. IBM X-Force ID: 159148.
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data
CVE-2019-4208
7.1 - High
- May 07, 2019
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 159129.
XXE
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Tririga Application Platform or by IBM? Click the Watch button to subscribe.