SymmetricalDataSecurity: IBM Security Bulletin: IBM TRIRIGA default login page has no defenses against clickjacking (CVE-2017-1465)

Friday, December 1, 2017

IBM Security Bulletin: IBM TRIRIGA default login page has no defenses against clickjacking (CVE-2017-1465)

IBM TRIRIGA could allow a remote attacker to hijack the clicking action of the victim.

CVE(s): CVE-2017-1465

Affected product(s) and affected version(s):

The following IBM TRIRIGA Platform versions are affected.
· IBM TRIRIGA Application Platform 3.5.0 – 3.5.3.0.
· IBM TRIRIGA Application Platform 3.4.0 – 3.4.2.5.
· IBM TRIRIGA Application Platform 3.3.0 – 3.3.2.5.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2ALti01
X-Force Database: http://ift.tt/2zUW3aR

The post IBM Security Bulletin: IBM TRIRIGA default login page has no defenses against clickjacking (CVE-2017-1465) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2ALtkVH

SymmetricalDataSecurity

Friday, December 1, 2017

IBM Security Bulletin: IBM TRIRIGA default login page has no defenses against clickjacking (CVE-2017-1465)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews