What is CVE-2016-0348?

CVE-2016-0348 is a high-severity vulnerability in Ibm Tririga_application_platform, classified under Cross-Site Request Forgery (CSRF). CVSS score: 8.0/10. Published 2018-02-21.

How severe is CVE-2016-0348?

High severity. CVSS v3 base score is 8.0 out of 10.

CSRF in Ibm Tririga_application_platform

CVE-2016-0348

Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.007 (47.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.0 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Ibm Tririga_application_platform — versions 3.3.0.0, 3.3.1.0, 3.3.2.0
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@us.ibm.com (VDB Entry, vdb-entry, Vendor Advisory, x_refsource_XF)

Frequently asked questions

What is CVE-2016-0348?: CVE-2016-0348 is a high-severity vulnerability in Ibm Tririga_application_platform, classified under Cross-Site Request Forgery (CSRF). CVSS score: 8.0/10. Published 2018-02-21.
How severe is CVE-2016-0348?: High severity. CVSS v3 base score is 8.0 out of 10.