Clickjacking Vulnerability in IBM Security Identity Manager Virtual Appliance
CVE-2016-0357

4.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
15 July 2016

Summary

The vulnerability in IBM Security Identity Manager Virtual Appliance versions 7.0.0.0 to 7.0.1.1 enables remote attackers to perform clickjacking attacks. This occurs when attackers trick users into interacting with a webpage without their knowledge, potentially leading to unauthorized actions being performed as a result of user clicks on hidden or disguised elements. It is essential to apply the appropriate patches and follow security best practices to mitigate the risk associated with this vulnerability.

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.