Lucene search
IbmCVE-2015-0127HistoryJun 28, 2015 - 10:59 p.m.
CVE-2015-0127
2015-06-2822:59:05
CWE-254
ibm
web.nvd.nist.gov
19
ibm
leads
cve-2015-0127
phishing attacks
web security
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
6.2
Confidence
Low
EPSS
0.001
Percentile
29.8%
IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 does not properly restrict use of FRAME elements, which allows remote authenticated users to conduct phishing attacks via a crafted web site.
Affected configurations
Node
ibmleadsMatch7.1.0
ORibmleadsMatch7.1.1
ORibmleadsMatch7.5.0
ORibmleadsMatch8.1.0
ORibmleadsMatch8.2.0
ORibmleadsMatch8.5.0
ORibmleadsMatch8.6.0
ORibmleadsMatch9.0.0
ORibmleadsMatch9.1.0
ORibmleadsMatch9.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | leads | 7.1.0 | cpe:2.3:a:ibm:leads:7.1.0:*:*:*:*:*:*:* |
| ibm | leads | 7.1.1 | cpe:2.3:a:ibm:leads:7.1.1:*:*:*:*:*:*:* |
| ibm | leads | 7.5.0 | cpe:2.3:a:ibm:leads:7.5.0:*:*:*:*:*:*:* |
| ibm | leads | 8.1.0 | cpe:2.3:a:ibm:leads:8.1.0:*:*:*:*:*:*:* |
| ibm | leads | 8.2.0 | cpe:2.3:a:ibm:leads:8.2.0:*:*:*:*:*:*:* |
| ibm | leads | 8.5.0 | cpe:2.3:a:ibm:leads:8.5.0:*:*:*:*:*:*:* |
| ibm | leads | 8.6.0 | cpe:2.3:a:ibm:leads:8.6.0:*:*:*:*:*:*:* |
| ibm | leads | 9.0.0 | cpe:2.3:a:ibm:leads:9.0.0:*:*:*:*:*:*:* |
| ibm | leads | 9.1.0 | cpe:2.3:a:ibm:leads:9.1.0:*:*:*:*:*:*:* |
| ibm | leads | 9.1.1 | cpe:2.3:a:ibm:leads:9.1.1:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2015-06-28 22:59:00
cvelist
cvelist
CVE-2015-0127
2015-06-28 22:00:00
nvd
nvd
CVE-2015-0127
2015-06-28 22:59:05
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
6.2
Confidence
Low
EPSS
0.001
Percentile
29.8%
Related for CVE-2015-0127