tripwire 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk cross-site scripting and vendor risk denial of service があり、vendor surface production workloads and vendor surface software deployment の利用場面で vendor impact session compromise などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2015-6237 | The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote attackers to bypass authentication and (1) enumerate users, (2) reset passwords, or (3) manipulate IP filter restrictions via crafted "privileged commands." | [email protected] | 9.8 | 1.67% | 2017-12-27 | 2026-05-13 |
| CVE-2013-5005 | Multiple cross-site scripting (XSS) vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) m_target_class_name, (2) m_target_method_name, or (3) m_request_context_params parameters. | [email protected] | 4.3 | 1.43% | 2014-01-29 | 2026-04-29 |
| CVE-2008-0578 | Cross-site scripting (XSS) vulnerability in the web management login page in Tripwire Enterprise 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.29% | 2008-02-05 | 2026-04-23 |
| CVE-2004-0536 | Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report. | [email protected] | 7.2 | 0.37% | 2004-08-06 | 2026-04-16 |
| CVE-2001-0774 | Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files. | [email protected] | 4.6 | 0.37% | 2001-10-18 | 2026-04-16 |
| CVE-1999-0464 | Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. | [email protected] | 2.1 | 0.33% | 1999-01-04 | 2026-04-16 |