Remote Clickjacking Vulnerability in IBM i2 Enterprise Insight Analysis
CVE-2018-1504
6.1 MEDIUM
Summary
IBM i2 Enterprise Insight Analysis 2.1.7 is susceptible to a clickjacking vulnerability that a remote attacker can exploit. By convincing a victim to visit a malicious website, the attacker can hijack the victim's click actions, causing unauthorized actions to be executed on behalf of the user. This vulnerability could be used to launch further attacks against the victim, presenting serious security risks for users of the affected product.
Affected Version(s)
i2 Enterprise Insight Analysis 2.1.7
CVSS V3.1
Score: 6.1
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved