Remote Clickjacking Vulnerability in HPE Diagnostics Products
CVE-2016-8521
6.5MEDIUM
Summary
A remote clickjacking vulnerability has been identified in HPE Diagnostics that allows an attacker to deceive users into clicking on invisible web elements. This can lead to unintended actions being executed within the application, potentially compromising user data and system security. This vulnerability affects multiple versions of HPE Diagnostics and necessitates immediate attention from IT administrators to mitigate risks associated with unauthorized actions.
Affected Version(s)
Diagnostics 9.24 IP1, 9.26 , 9.26IP1
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved