Input validation

2019-01-0923:29:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.2%

JSON

Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.

CPENameOperatorVersion
remote_service_managerge3.0.0
remote_service_managerle3.1.8

CPE	Name	Operator	Version
	remote_service_manager	ge	3.0.0
	remote_service_manager	le	3.1.8

References

jvn.jp/en/jp/JVN23161885/index.html

kb.cybozu.support/article/35260/