| ID |
CVE-2016-0314
|
| Summary |
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:ibm:jazz_reporting_service:5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_reporting_service:5.0:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:jazz_reporting_service:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_reporting_service:5.0.1:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:jazz_reporting_service:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_reporting_service:5.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:jazz_reporting_service:6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_reporting_service:6.0:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:jazz_reporting_service:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_reporting_service:6.0.1:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 4.0 (as of 28-11-2016 - 19:53) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
SINGLE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:S/C:N/I:P/A:N
|
| refmap
via4
|
|
| Last major update |
28-11-2016 - 19:53 |
| Published |
08-07-2016 - 01:59 |
| Last modified |
28-11-2016 - 19:53 |
