mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
142 lines
4.3 KiB
JSON
142 lines
4.3 KiB
JSON
{
|
|
"id": "CVE-2016-0342",
|
|
"sourceIdentifier": "psirt@us.ibm.com",
|
|
"published": "2018-02-02T21:29:00.747",
|
|
"lastModified": "2024-11-21T02:41:31.390",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to read or modify arbitrary reports by leveraging an incorrect grant of access. IBM X-Force ID: 111783."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "IBM TRIRIGA Application Platform en versiones 3.3 anteriores a la 3.3.2.6, 3.4 anteriores a la 3.4.2.3 y 3.5 anteriores a la 3.5.0.1 permite que los usuarios autenticados remotos lean o modifiquen informes arbitrarios aprovech\u00e1ndose de una concesi\u00f3n incorrecta de acceso. IBM X-Force ID: 111783."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
|
|
"baseScore": 5.4,
|
|
"baseSeverity": "MEDIUM",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"exploitabilityScore": 2.8,
|
|
"impactScore": 2.5
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
|
|
"baseScore": 5.5,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.0,
|
|
"impactScore": 4.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-284"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:tririga_application_platform:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "3.3.0.0",
|
|
"versionEndExcluding": "3.3.2.6",
|
|
"matchCriteriaId": "987A1969-6A11-4507-9E04-1722A2B28552"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:tririga_application_platform:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "3.4.0.0",
|
|
"versionEndExcluding": "3.4.2.3",
|
|
"matchCriteriaId": "4D6740BD-E8E5-4B10-A10A-1A6B74695FDE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE1B5398-7C51-4834-AB7A-F284C23C95FC"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980252",
|
|
"source": "psirt@us.ibm.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/111783",
|
|
"source": "psirt@us.ibm.com",
|
|
"tags": [
|
|
"VDB Entry",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980252",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/111783",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"VDB Entry",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |