CVE-2019-4207
https://notcve.org/view.php?id=CVE-2019-4207
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. IBM X-Force ID: 159148. IBM TRIRIGA Application Platform 3.5.3 y 3.6.0 puede revelar información confidencial sólo disponible para un usuario local que podría utilizarse en ataques posteriores contra el sistema. IBM X-Force ID: 159148. • https://exchange.xforce.ibmcloud.com/vulnerabilities/159128 https://www.ibm.com/support/docview.wss?uid=ibm10880261 •
CVE-2018-2008
https://notcve.org/view.php?id=CVE-2018-2008
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. IBM X-Force ID: 155146. IBM TRIRIGA Application Platform 3.5.3 y 3.6.0 podría revelar información sensible a un usuario autenticado que podría ayudar en nuevos ataques contra el sistema. IBM X-Force ID: 155146. • http://www.ibm.com/support/docview.wss?uid=ibm10879463 http://www.securityfocus.com/bid/108843 https://exchange.xforce.ibmcloud.com/vulnerabilities/155146 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-0299
https://notcve.org/view.php?id=CVE-2016-0299
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to obtain sensitive information via vectors involving a database query. IBM X-Force ID: 111382. IBM TRIRIGA Application Platform, en versiones 3.3 anteriores a la 3.3.2.6, versiones 3.4 anteriores a la 3.4.2.3 y versiones 3.5 anteriores a la 3.5.0.1, permite que atacantes remotos obtengan información sensible mediante vectores relacionados con una consulta a la base de datos. IBM X-Force ID: 111382. • http://www-01.ibm.com/support/docview.wss?uid=swg21981155 https://exchange.xforce.ibmcloud.com/vulnerabilities/111382 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-0343
https://notcve.org/view.php?id=CVE-2016-0343
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 111784. IBM TRIRIGA Application Platform, en versiones 3.3 anteriores a la 3.3.2.6, versiones 3.4 anteriores a la 3.4.2.3 y versiones 3.5 anteriores a la 3.5.0.1, permite que usuarios autenticados remotos obtengan información sensible mediante la lectura de un mensaje de error. IBM X-Force ID: 111784. • http://www-01.ibm.com/support/docview.wss?uid=swg21980229 https://exchange.xforce.ibmcloud.com/vulnerabilities/111784 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-0348
https://notcve.org/view.php?id=CVE-2016-0348
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111813. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2 y 3.4 permite que atacantes remotos secuestren la autenticación de usuarios arbitrarios para peticiones que inserten secuencias XSS. IBM X-Force ID: 111813. • http://www-01.ibm.com/support/docview.wss?uid=swg21980237 https://exchange.xforce.ibmcloud.com/vulnerabilities/111813 • CWE-352: Cross-Site Request Forgery (CSRF) •