CVE-2017-16775

Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote…

synology·CWE-1021·Published 2019-04-01

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

204 chars

Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

NVDen

204 chars

NVDes

247 chars

Una restricción incorrecta de capas UI o tramas renderizadas en SSOOauth.cgi en Synology SSO Server, en versiones anteriores a la 2.1.3-0219, permite a los atacantes remotos realizar ataques de secuestro de clics mediante vectores sin especificar.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
3.0	Primary	cve.org	7.1	—	—	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L