{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T09:51:53.271","vulnerabilities":[{"cve":{"id":"CVE-2014-4839","sourceIdentifier":"psirt@us.ibm.com","published":"2014-10-29T10:55:04.540","lastModified":"2025-04-12T10:46:40.837","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in birtviewer.query in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences."},{"lang":"es","value":"Vulnerabilidad de CSRF en birtviewer.query en IBM TRIRIGA Application Platform 3.2 y 3.3 anterior a 3.3.0.2, 3.3.1 anterior a 3.3.1.3, 3.3.2 anterior a 3.3.2.2, y 3.4 anterior a 3.4.0.1 permite a usuarios remotos autenticados secuestrar la autenticación de usuarios arbitrarios para solicitudes que insertan secuencias de XSS."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tririga_application_platform:3.2:*:*:*:*:*:*:*","matchCriteriaId":"63B37387-4218-4B92-BD39-4EA5E849DB51"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tririga_application_platform:3.3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6282A028-3DB7-4CE3-8479-2B254EE20C61"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tririga_application_platform:3.3.0.1:*:*:*:*:*:*:*","matchCriteriaId":"D387C439-0C1C-4419-9115-F830414AC6D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tririga_application_platform:3.3.1.1:*:*:*:*:*:*:*","matchCriteriaId":"31E156E1-EA1D-463B-AC55-964D1897BB12"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tririga_application_platform:3.3.1.2:*:*:*:*:*:*:*","matchCriteriaId":"7E0AC53E-0F04-4F25-9F9C-AFF998C1CEB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tririga_application_platform:3.3.2.0:*:*:*:*:*:*:*","matchCriteriaId":"110B75DA-3B5D-4B2A-A243-C02F04A69DD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tririga_application_platform:3.3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"3CFF6D9D-633A-414B-9A81-9627F1006F99"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tririga_application_platform:3.4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AC985F26-E915-49CA-951A-7E3FE59E5377"}]}]}],"references":[{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686241","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/95635","source":"psirt@us.ibm.com"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686241","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/95635","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}