Clickjacking Vulnerability in IBM Security Identity Governance and Intelligence
CVE-2018-1945

6.1MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
21 February 2019

Summary

A vulnerability in IBM Security Identity Governance and Intelligence from versions 5.2 through 5.2.4.1 allows for a remote attacker to exploit clickjacking techniques. By tricking users into visiting a malicious website, the attacker can hijack the victim's click actions, potentially launching more severe attacks. This vulnerability exposes users to significant security risks, making it essential for organizations to apply the necessary mitigations.

Affected Version(s)

Security Identity Governance and Intelligence 5.2

Security Identity Governance and Intelligence 5.2.1

Security Identity Governance and Intelligence 5.2.2

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.