PT-2019-9816 · Ibm · Ibm Security Identity Governance/Intelligence

Published

2019-02-21

Updated

2019-10-09

CVE-2018-1945

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions IBM Security Identity Governance and Intelligence versions 5.2 through 5.2.4.1 Virtual Appliance

Description A remote attacker could hijack the clicking action of a victim by persuading them to visit a malicious Web site, potentially launching further attacks against the victim.

Recommendations For IBM Security Identity Governance and Intelligence versions 5.2 through 5.2.4.1 Virtual Appliance, update to a version that addresses this issue to prevent remote attackers from hijacking the victim's click actions.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-1945

Affected Products

Ibm Security Identity Governance/Intelligence

PT-2019-9816 · Ibm · Ibm Security Identity Governance/Intelligence

CVE-2018-1945

Weakness Enumeration

Related Identifiers

Affected Products

References · 4