CVE-2013-0518

IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 does not refuse to be rendered in different-origin frames, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
ibmsterling_secure_proxy
3.2.0.0
ibmsterling_secure_proxy
3.3.0.1
ibmsterling_secure_proxy
3.4.0.0
ibmsterling_secure_proxy
3.4.1.0
ibmsterling_secure_proxy
3.4.1.2
ibmsterling_secure_proxy
3.4.1.5
ibmsterling_secure_proxy
3.4.1.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21636369
https://exchange.xforce.ibmcloud.com/vulnerabilities/83128
http://www-01.ibm.com/support/docview.wss?uid=swg21636369
https://exchange.xforce.ibmcloud.com/vulnerabilities/83128