CVE-2024-1890
6.4
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
Summary
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SMA | Sunny Webbox | 0 <= 1.61 | affected |
Weaknesses
- CWE-1021: CWE-1021 Improper Restriction of Rendered UI Layers or Frames
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.