Vulnerability Details CVE-2016-0386
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for requests that delete employees.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.8%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 6.0
References
Products affected by CVE-2016-0386
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.0.0
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.0.1
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.0.2
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.1.0
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.1.1
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.1.2
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.1.3
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.2.0
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.2.1
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.2.3
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.2.4
-
cpe:2.3:a:ibm:tririga_application_platform:3.3.2.5
-
cpe:2.3:a:ibm:tririga_application_platform:3.4.0.0
-
cpe:2.3:a:ibm:tririga_application_platform:3.4.1.1
-
cpe:2.3:a:ibm:tririga_application_platform:3.4.1.2
-
cpe:2.3:a:ibm:tririga_application_platform:3.4.1.3
-
cpe:2.3:a:ibm:tririga_application_platform:3.4.2.0
-
cpe:2.3:a:ibm:tririga_application_platform:3.4.2.1
-
cpe:2.3:a:ibm:tririga_application_platform:3.4.2.2
-
cpe:2.3:a:ibm:tririga_application_platform:3.4.2.3
-
cpe:2.3:a:ibm:tririga_application_platform:3.5.0.0
-
cpe:2.3:a:ibm:tririga_application_platform:3.5.0.1