CVE-2016-0357

Published Jul 15, 2016

Last updated 7 years ago

Overview

Description: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows remote attackers to conduct clickjacking attacks via a crafted web site.
Source: psirt@us.ibm.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.0

Type: Primary
Base score: 4.3
Impact score: 1.4
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-284

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:security_identity_manager_adapter:7.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F8FD871-0A5E-4413-8F1C-4125DA7741CB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_identity_manager_adapter:7.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17761140-202D-46B4-A955-F20FB7E4202E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_identity_manager_adapter:7.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9238298D-D05D-4E71-A824-36D50820482E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_identity_manager_adapter:7.0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE2D15D2-AA55-4077-AD96-8E380FD326C5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_identity_manager_adapter:7.0.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FA93FE3-93FF-40E4-B8CC-F078310C1B81"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_identity_manager_adapter:7.0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2E94FC6-A188-4029-A855-AC9F4BC6539D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Configurations

References