PT-2012-5670 · Pattern Insight · Pattern Insight

Published

2012-11-18

Updated

2017-08-29

CVE-2012-4936

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Pattern Insight version 2.3

Description The issue allows remote attackers to conduct clickjacking attacks via a FRAME element in the web interface.

Recommendations For Pattern Insight version 2.3, consider disabling the web interface or restricting access to it until a patch is available. As a temporary workaround, avoid using the FRAME element in the web interface to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2012-4936

Affected Products

Pattern Insight

PT-2012-5670 · Pattern Insight · Pattern Insight

CVE-2012-4936

Related Identifiers

Affected Products

References · 5