IBM6D070A6A1B63028D88EF22146FAA0188B5F2B9F4459C4BC0486E0A74B0F988A7Security Bulletin: A Security Vulnerability was fixed in IBM Security Privileged Identity Manager (CVE-2016-0357)
0.003 Low
EPSS
Percentile
66.0%
Summary
IBM Security Identity Manager Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim
Vulnerability Details
CVEID: CVE-2016-0357**
DESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111896 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Affected Products and Versions
IBM Security Privileged Identity Manager 2.0.2
Remediation/Fixes
Affected Product
| Fix Availability
—|—
IBM Security Privileged Identity Manager 2.0.2| IBM Security Privileged Identity Manager 2.0.2 Fixpack 3
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security privileged identity manager | eq | 2.0.2 |
Related
0.003 Low
EPSS
Percentile
66.0%