Lucene search

[email protected]CVE-2013-5462

HistoryDec 19, 2013 - 10:55 p.m.

CVE-2013-5462

2013-12-1922:55:04

CWE-20

[email protected]

web.nvd.nist.gov

cve-2013-5462

ibm

ecmclient

content navigator

clickjacking

security vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.0%

JSON

IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct clickjacking attacks via vectors involving FRAME elements.

Affected configurations

NVD

Node

ibmcontent_navigatorMatch2.0.0

ibmcontent_navigatorMatch2.0.1

ibmcontent_navigatorMatch2.0.2

CPENameOperatorVersion
ibm:content_navigatoribm content navigatoreq2.0.0
ibm:content_navigatoribm content navigatoreq2.0.1
ibm:content_navigatoribm content navigatoreq2.0.2

CPE	Name	Operator	Version
ibm:content_navigator	ibm content navigator	eq	2.0.0
ibm:content_navigator	ibm content navigator	eq	2.0.1
ibm:content_navigator	ibm content navigator	eq	2.0.2

References

www-01.ibm.com/support/docview.wss?uid=swg21660223

www.securitytracker.com/id/1037704

exchange.xforce.ibmcloud.com/vulnerabilities/88358

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.0%

JSON

Related for CVE-2013-5462

ibm3 nvd1 prion1 cvelist1