8 results (0.029 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190744. IBM TRIRIGA v3.0, v4.0 y v4.4 podrían permitir a un atacante remoto obtener información sensible cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría utilizarse en ataques posteriores contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/190744 https://www.ibm.com/support/pages/node/7015393 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive information in error messages that could aid an attacker formulate future attacks. IBM X-Force ID: 175993. IBM TRIRIGA Application Platform versiones 3.5.3 y 3.6.1, divulga información confidencial en mensajes de error que podrían ayudar a un atacante a formular futuros ataques. IBM X-Force ID: 175993. • https://exchange.xforce.ibmcloud.com/vulnerabilities/175993 https://www.ibm.com/support/pages/node/6193467 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 159129. IBM TRIRIGA Application Platform, versiones 3.5.3 y 3.6.0, es vulnerable a un ataque de XML External Entity Injection (XXE) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumir recursos de memoria. • http://www.ibm.com/support/docview.wss?uid=ibm10880263 https://exchange.xforce.ibmcloud.com/vulnerabilities/159129 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0

IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. IBM X-Force ID: 159148. IBM TRIRIGA Application Platform 3.5.3 y 3.6.0 puede revelar información confidencial sólo disponible para un usuario local que podría utilizarse en ataques posteriores contra el sistema. IBM X-Force ID: 159148. • https://exchange.xforce.ibmcloud.com/vulnerabilities/159128 https://www.ibm.com/support/docview.wss?uid=ibm10880261 •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. IBM X-Force ID: 155146. IBM TRIRIGA Application Platform 3.5.3 y 3.6.0 podría revelar información sensible a un usuario autenticado que podría ayudar en nuevos ataques contra el sistema. IBM X-Force ID: 155146. • http://www.ibm.com/support/docview.wss?uid=ibm10879463 http://www.securityfocus.com/bid/108843 https://exchange.xforce.ibmcloud.com/vulnerabilities/155146 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •