What is CVE-2016-0386?

CVE-2016-0386 is a high-severity vulnerability in Ibm Tririga_application_platform, classified under Cross-Site Request Forgery (CSRF). CVSS score: 8.0/10. Published 2016-07-02.

How severe is CVE-2016-0386?

High severity. CVSS v3 base score is 8.0 out of 10.

CSRF in Ibm Tririga_application_platform

CVE-2016-0386

Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for request…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.005 (37.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.0 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Ibm Tririga_application_platform — versions 3.3.0.0, 3.3.0.1, 3.3.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

psirt@us.ibm.com (vendor-advisory, Vendor Advisory, x_refsource_AIXAPAR)

Frequently asked questions

What is CVE-2016-0386?: CVE-2016-0386 is a high-severity vulnerability in Ibm Tririga_application_platform, classified under Cross-Site Request Forgery (CSRF). CVSS score: 8.0/10. Published 2016-07-02.
How severe is CVE-2016-0386?: High severity. CVSS v3 base score is 8.0 out of 10.