Vulnerabilities > CVE-2023-23482 - Unspecified vulnerability in IBM Sterling Partner Engagement Manager

CVSS 9.6 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ibm

critical

NVD

Published: 2023-06-08

Updated: 2023-06-13

Summary

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 245891.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Sterling Partner Engagement Manager * IBM Sterling Partner Engagement Manager 6.1.2 IBM Sterling Partner Engagement Manager 6.2.0 IBM Sterling Partner Engagement Manager 6.2.1.0 IBM Sterling Partner Engagement Manager 6.2.1	6
OS	Linux Linux Linux Kernel -	1

Summary

Vulnerable Configurations

References