CVE-2023-45698

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Feb 10, 2024

Updated: Feb 11, 2024

Summary

CVE-2023-45698: Sametime, an IBM collaboration software, is vulnerable to clickjacking attacks due to insufficient security measures in its Outlook add-in. The add-in fails to implement adequate clickjacking protections, leaving users susceptible to potential manipulation and data theft through malicious websites or applications. Attackers could exploit this weakness to force users into performing unwanted actions without their knowledge or consent. IBM is encouraged to release a patch to address this issue and advise users to exercise caution when using the add-in.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s9dd_P
https://www.cve.org/CVERecord?id=CVE-2023-45698
https://nvd.nist.gov/vuln/detail/CVE-2023-45698

Back to Vulnerability Database

CVE-2023-45698

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations