Description IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. IBM X-Force ID: 155146.
CVSS vector CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Exploitability: 2.8 | Impact: 1.4 Attack Vector: Network
Complexity: Low
Privileges: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None
Affected Packages2 packages
🔴 Vulnerability Details2 GHSA GHSA-jg76-j4qf-w3x2: IBM TRIRIGA Application Platform 3 ↗ 2022-05-24 ▶ CVEList CVE-2018-2008: IBM TRIRIGA Application Platform 3 ↗ 2019-05-07 ▶
💥 Exploits & PoCs10 Exploit-DB Microsoft Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit) ↗ 2019-07-17 ▶ Exploit-DB Microsoft Windows MSHTML Engine - 'Edit' Remote Code Execution ↗ 2019-03-13 ▶ Exploit-DB CyberArk 9.7 - Memory Disclosure ↗ 2018-12-03 ▶ Exploit-DB Advantech WebAccess SCADA 8.3.2 - Remote Code Execution ↗ 2018-11-05 ▶ Exploit-DB Microsoft Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit) ↗ 2018-10-22 ▶ Show 5 more
📋 Vendor Advisories2 Red Hat gnome-keyring: login credentials retrieval via a Secret Service API call ↗ 2018-07-06 ▶ Microsoft Windows Kernel Elevation of Privilege Vulnerability ↗ 2018-03-13 ▶
🕵️ Threat Intelligence4 Bleepingcomputer CISA tags Windows, Cisco vulnerabilities as actively exploited ↗ 2025-03-03 ▶ Krebs Patch Tuesday, October 2018 Edition ↗ 2018-10-11 ▶ Qualys A “Patch for the Meltdown Patch” released out of band Thursday night | Qualys ↗ 2018-03-30 ▶ Qualys A “Patch for the Meltdown Patch” released out of band Thursday night ↗ 2018-03-30 ▶