CVE-2023-23343

MEDIUM Year: 2023
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-1021
View all →

Vulnerability Description

A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to use transparent or opaque layers to trick a user into clicking on a button or link on another page to perform a redirect to an attacker-controlled domain.

Related Vulnerabilities

CVE-2017-11290

MEDIUM
CVSS:6.1(Medium)

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administ...

CWE-10212017

CVE-2017-16775

MEDIUM
CVSS:6.1(Medium)

Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vect...

CWE-10212017

CVE-2018-1803

MEDIUM
CVSS:6.1(Medium)

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malic...

CWE-10212018

CVE-2018-1853

MEDIUM
CVSS:6.1(Medium)

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote ...

CWE-10212018

CVE-2018-19957

MEDIUM
CVSS:6.1(Medium)

A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. This vulnerability allows remote attackers to launch privacy an...

CWE-10212018

CVE-2019-4086

MEDIUM
CVSS:6.1(Medium)

IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker co...

CWE-10212019