CVE-2023-42011

{"id": "CVE-2023-42011", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-06-27T18:15:13.143", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265508", "source": "psirt@us.ibm.com"}, {"url": "https://www.ibm.com/support/pages/node/7158657", "source": "psirt@us.ibm.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-1021"}]}], "descriptions": [{"lang": "en", "value": "IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508."}, {"lang": "es", "value": "IBM Sterling B2B Integrator Standard Edition 6.1 y 6.2 no restringe o restringe incorrectamente objetos de marco o capas de UI que pertenecen a otra aplicaci\u00f3n o dominio, lo que puede generar confusi\u00f3n en el usuario acerca de con qu\u00e9 interfaz est\u00e1 interactuando. ID de IBM X-Force: 265508."}], "lastModified": "2024-06-27T19:25:12.067", "sourceIdentifier": "psirt@us.ibm.com"}