CVE-2016-2917

Published: Nov 30, 2016Modified: May 6, 2026

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via unspecified vectors.

Affected (2)

Products: Ibm: Tririga Application Platform

Ibm

1 product

Tririga Application Platform

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Tririga Application Platform	Version 10.4
Ibm Tririga Application Platform	Version 10.5

Related CWEs

CWE-264

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg1IV84740

Source: psirt@us.ibm.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21984304

Source: psirt@us.ibm.com

MitigationVendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IV84740

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21984304

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.