Описание
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0.0 (включая) до 3.1.8 (включая)
cpe:2.3:a:cybozu:remote_service_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00095
Низкий
6.5 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-1021
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.
EPSS
Процентиль: 27%
0.00095
Низкий
6.5 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-1021