CVE-2018-16172

Summary

Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.

Affected Software

VendorProductVersion RangeStatus
Cybozu, Inc.Cybozu Remote Service3.0.0 to 3.1.8affected

Weaknesses

  • User Interface (UI) Misrepresentation of Critical Information

ADP Enrichment

CVE Program Container

Additional References

References