Advisory ID : LINA/ADE-2023-0002
CVSS3.0 base score 4.1 AV:N/AC:L/UI:R/I:N/A:N
Date reported : 2022-10-27
Correction available : 2022-12-23
Synopsis :
A vulnerability of type Clickjacking has been detected
Product :
LINA / ADE admin console
Version :
From 5.0 to 6.0 of Lina
Problem type :
Description :
An attacker may use this vulnerability to build a clickjacking scenario, either pretending to be a legitimate Lina WebUI but redirecting the actions or conversely pretending to offer some other service while directing the requests towards Lina WebUI.
Anti-clickjacking headers protect sites from such attacks.
Mitigations or workaround :
We strongly recommend upgrading Lina to 6.0 or higher to avoid these issues.
Articles / Posts
- Lina 6.1 Controlled Release is available on-demand
- PowerShell for Lina 6.0
- Advisory ID : LINA/ADE-2023-0002
- Advisory ID : LINA/ADE-2023-0001
- Time Navigator 4.6.9 Hyper-V Software Alert
- Tina 4.7.1 GA is available !
- Miria install error on a Linux server without X11
- HSS Replication requires attention when upgrading to 5.x
- LINA Agents 5.3.4
- Miria 3.15 GA is available
Categories
- Lina – EN (21)
- Miria – EN (8)
- Tina – EN (17)