CVE-2014-4778

Currently unrated

Key Information:

Vendor
IBM
Status
Endpoint Manager Family
License Metric Tool
Vendor
CVE Published:
25 May 2015

Summary

IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote attackers to conduct clickjacking attacks via vectors involving a FRAME element.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21701389
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.