nvd-json-data-feeds/CVE-2017/CVE-2017-15xx/CVE-2017-1516.json

{
  "id": "CVE-2017-1516",
  "sourceIdentifier": "psirt@us.ibm.com",
  "published": "2018-01-26T21:29:00.570",
  "lastModified": "2018-02-08T14:44:15.847",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 129826."
    },
    {
      "lang": "es",
      "value": "IBM Doors Web Access 9.5 y 9.6 podr\u00eda permitir que un atacante remoto realizase un secuestro de clic a la v\u00edctima. Al persuadir a una v\u00edctima para que visite un sitio web malicioso, un atacante remoto podr\u00eda explotar esta vulnerabilidad para secuestrar las acciones de clicado de la v\u00edctima y, probablemente, lanzar m\u00e1s ataques contra la v\u00edctima. IBM X-Force ID: 129826."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "SINGLE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.5
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_doors:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "9.5.0.0",
              "versionEndIncluding": "9.5.0.7",
              "matchCriteriaId": "18D8B61D-8C61-47FE-9333-46D3BBC2054E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_doors:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "9.5.1.0",
              "versionEndIncluding": "9.5.1.8",
              "matchCriteriaId": "D663D277-4979-44F4-8AC4-40C609213859"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_doors:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "9.5.2.0",
              "versionEndIncluding": "9.5.2.7",
              "matchCriteriaId": "E602E686-F359-4A68-8F2F-85FA40AEDD66"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_doors:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "9.6.0.0",
              "versionEndIncluding": "9.6.0.6",
              "matchCriteriaId": "0F09A87C-CF16-485D-ACD6-A59836A6693C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_doors:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "9.6.1.0",
              "versionEndIncluding": "9.6.1.9",
              "matchCriteriaId": "FE5CAEFC-C2D9-45F0-9BD4-2315DEC1DEC3"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22012789",
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/102867",
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129826",
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ]
    }
  ]
}