Clickjacking Vulnerability in IBM Jazz Foundation Products
CVE-2020-4547
5.4MEDIUM
Key Information:
- Vendor
- IBM
- Status
- Vendor
- CVE Published:
- 27 January 2021
Summary
The vulnerability affects IBM Jazz Foundation products, enabling remote attackers to hijack user click actions. By tricking users into visiting a malicious site, attackers can exploit this flaw to gain control over user interactions, potentially leading to further security risks. The vulnerability emphasizes the need for enhanced security measures to protect users from such deceptive attacks.
Affected Version(s)
Engineering Lifecycle Optimization 7.0
Engineering Test Management 7.0.0
Engineering Workflow Management 7.0
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved