CVE-2017-1371

3 documents3 sources

Severity

8.8HIGH

EPSS

0.5%

top 35.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tririga Application Platform

Timeline

PublishedJul 21

Latest updateMay 13

Description

Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access to. IBM X-Force ID: 126864.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm/tririga_application_platform7 versions+6

▶NVDibm/tririga_application_platform35 versions+34

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-2cqg-2r84-43cq: Builder tools running in the IBM TRIRIGA Application Platform 3↗2022-05-13

▶

CVEList

CVE-2017-1371: Builder tools running in the IBM TRIRIGA Application Platform 3↗2017-07-21

▶