[Japanese]
|
JVNDB-2015-000172
|
Multiple routers contain issue in preventing clickjacking attacks
|
Multiple router products contain an issue in the protection against clickjacking attacks.
Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
|
CVSS V2 Severity: Base Metrics 2.6 (Low) [IPA Score]
- Access Vector: Network
- Access Complexity: High
- Authentication: None
- Confidentiality Impact: None
- Integrity Impact: Partial
- Availability Impact: None
|
Multiple products are affected.
For more information on vulnerable products, please refer to the "Vendor Status" section.
|
(Multiple Venders)
|
|
If a user views a malicious page while logged in, unintended operations may be conducted.
|
[Apply a solution]
Solutions vary depending on the product.
Apply the appropriate solution according to the information provided by the developer.
|
Allied Telesis
PLANEX COMMUNICATIONS INC.
Yamaha Corporation
I-O DATA DEVICE, INC.
THE FURUKAWA ELECTRIC CO., LTD.
NEC Corporation
- NEC Security Information : NV15-019 (in Japanese)
|
- No Mapping(CWE-Other) [IPA Evaluation]
|
|
- JVN : JVN#48135658
|
- [2015/10/30]
Web page was published
[2015/11/04]
Vendor Information : Content was added
[2015/11/12]
Vendor Information : Content was added
[2015/12/25]
Vendor Information : Content was added
[2016/02/12]
Vendor Information : Content was added
|