Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-4785

Опубликовано: 03 нояб. 2020
Источник: nvd
CVSS3: 5.4
CVSS3: 5.4
CVSS2: 4.9
EPSS Низкий

Описание

IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00084
Низкий

5.4 Medium

CVSS3

5.4 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-1021

Связанные уязвимости

github логотип

GHSA-cm92-597m-5xpc

github
больше 3 лет назад

IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219.

EPSS

Процентиль: 25%
0.00084
Низкий

5.4 Medium

CVSS3

5.4 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-1021