{"containers": {"cna": {"affected": [{"product": "TRIRIGA Application Platform", "vendor": "IBM", "versions": [{"status": "affected", "version": "3.3"}, {"status": "affected", "version": "3.3.1"}, {"status": "affected", "version": "3.3.2"}, {"status": "affected", "version": "3.4"}, {"status": "affected", "version": "3.4.1"}, {"status": "affected", "version": "3.4.2"}, {"status": "affected", "version": "3.5"}, {"status": "affected", "version": "3.5.1"}, {"status": "affected", "version": "3.5.2"}]}], "datePublic": "2017-11-30T00:00:00", "descriptions": [{"lang": "en", "value": "IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 128464."}], "problemTypes": [{"descriptions": [{"description": "Gain Access", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-07T14:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128464"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg22006184"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2017-11-30T00:00:00", "ID": "CVE-2017-1465", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "TRIRIGA Application Platform", "version": {"version_data": [{"version_value": "3.3"}, {"version_value": "3.3.1"}, {"version_value": "3.3.2"}, {"version_value": "3.4"}, {"version_value": "3.4.1"}, {"version_value": "3.4.2"}, {"version_value": "3.5"}, {"version_value": "3.5.1"}, {"version_value": "3.5.2"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 128464."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Gain Access"}]}]}, "references": {"reference_data": [{"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128464", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128464"}, {"name": "http://www.ibm.com/support/docview.wss?uid=swg22006184", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg22006184"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2017-1465", "datePublished": "2017-11-30T00:00:00", "dateReserved": "2016-11-30T00:00:00", "dateUpdated": "2017-12-07T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6282A028-3DB7-4CE3-8479-2B254EE20C61", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D387C439-0C1C-4419-9115-F830414AC6D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "A44316ED-571F-4E4B-BC02-CED0E09D175E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B422964C-DAC7-4896-9368-AFDC6BE64F87", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "31E156E1-EA1D-463B-AC55-964D1897BB12", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7E0AC53E-0F04-4F25-9F9C-AFF998C1CEB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "648D0E41-BA9F-4798-A5E4-413F7D895B7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "110B75DA-3B5D-4B2A-A243-C02F04A69DD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CFF6D9D-633A-414B-9A81-9627F1006F99", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "97EB5F4E-24BB-4F17-80B1-963DBC66E44D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "2FAD7EB7-9157-4FA1-822D-C5C704136FD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "59161DED-CC0F-4BD2-BCAD-6D3E766FAB8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.3.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "1A818249-26BA-4575-9805-3AC8C038B25B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AC985F26-E915-49CA-951A-7E3FE59E5377", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4271E1DA-B047-4C91-93D6-EF5A9EE9AC51", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "27D8FE59-90C3-4EE3-BA70-01C71DCC27B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3DD18A13-F399-4E83-9976-B7C6FB41B236", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D0F8B24-227A-42F2-A6FC-03AFB588CCCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "0E748299-7540-4141-B5DC-97C5C18FF162", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "13E00EA8-D6B3-464A-A7E8-F186FE4A3DB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00554970-B211-438A-A51C-5CF618431886", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "78DD7794-25C5-4C04-9CFD-4CA9EAA4CA2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "220168B8-68E8-45CA-A351-7A07415495CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B392C124-E469-4955-B11E-8B281557C43A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D83F93CE-B0E1-4904-8051-67A18692CB90", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CE1B5398-7C51-4834-AB7A-F284C23C95FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "627B09F8-666C-4D29-B415-7488DC54CD06", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "30F2D08F-E531-4E5B-94B9-3EFF5869FAC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFFAC901-11B6-4754-A4FB-955CAB39D938", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "60154DE9-997F-4ABD-8E22-A8D006FB6931", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F536558A-18B4-44C6-8921-4BE3C385CCE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "8F3C78ED-A345-4199-813A-EDD7BD1F09DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD95904E-647A-499E-AE3C-E742BAE1EED2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "349582F6-EBBA-4AA8-88F4-A708A1472859", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "679228D7-1FF0-44E9-AB51-A3436CC550AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA5C5243-DEA5-453B-BD7E-4561A5F012A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tririga_application_platform:3.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "1CE6DEDE-0FC4-4264-8B83-5B6E564D41AF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 128464."}, {"lang": "es", "value": "IBM TRIRIGA 3.2, 3.3, 3.4 y 3.5 podr\u00eda permitir que un atacante remoto realizase un secuestro de clic a la v\u00edctima. Al persuadir a una v\u00edctima para que visite un sitio web malicioso, un atacante remoto podr\u00eda explotar esta vulnerabilidad para secuestrar las acciones de clic de la v\u00edctima y, probablemente, lanzar m\u00e1s ataques contra esta. IBM X-Force ID: 128464."}], "id": "CVE-2017-1465", "lastModified": "2017-12-19T15:11:43.990", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-07T15:29:00.937", "references": [{"source": "psirt@us.ibm.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg22006184"}, {"source": "psirt@us.ibm.com", "tags": ["Issue Tracking", "VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128464"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}