CVE-2017-1373

4 documents4 sources

Severity

8.8HIGH

EPSS

0.6%

top 30.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tririga Application Platform

Timeline

PublishedJul 21

Latest updateMay 13

Description

Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute a report they do not have access to. IBM X-Force ID: 126866.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm/tririga_application_platform9 versions+8

▶NVDibm/tririga_application_platform35 versions+34

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-35qq-95r4-7cg5: Reports executed in the IBM TRIRIGA Application Platform 3↗2022-05-13

▶

CVEList

CVE-2017-1373: Reports executed in the IBM TRIRIGA Application Platform 3↗2017-07-21

▶

💥Exploits & PoCs

Exploit-DB

Apple macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option Handling↗2017-12-12

▶