Lucene search
CertccCVE-2012-4936HistoryNov 18, 2012 - 9:55 p.m.
CVE-2012-4936
2012-11-1821:55:00
certcc
web.nvd.nist.gov
21
cve-2012-4936
pattern insight
clickjacking
web interface
remote attackers
frame element
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.006
Percentile
78.6%
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element.
Affected configurations
Node
patterninsightpattern_insightMatch2.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| patterninsight | pattern_insight | 2.3 | cpe:2.3:a:patterninsight:pattern_insight:2.3:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2012-11-18 21:55:00
cvelist
cvelist
CVE-2012-4936
2012-11-18 21:00:00
nvd
nvd
CVE-2012-4936
2012-11-18 21:55:00
cert
cert
Pattern Insight 2.3 contains multiple vulnerabilities
2012-11-02 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.006
Percentile
78.6%
Related for CVE-2012-4936