Advisory ID : LINA/ADE-2023-0002
CVSS3.0 base score 4.1 AV:N/AC:L/UI:R/I:N/A:N
Date reported : 2022-10-27
Correction available : 2022-12-23
Synopsis :
A vulnerability of type Clickjacking has been detected
Product :
LINA / ADE admin console
Version :
From 5.0 to 6.0 of Lina
Problem type :
Description :
An attacker may use this vulnerability to build a clickjacking scenario, either pretending to be a legitimate Lina WebUI but redirecting the actions or conversely pretending to offer some other service while directing the requests towards Lina WebUI.
Anti-clickjacking headers protect sites from such attacks.
Mitigations or workaround :
We strongly recommend upgrading Lina to 6.0 or higher to avoid these issues.
Articles / Posts
- Tina 4.8 GA is available
- Lina 6.1 GA is available
- PowerShell for Lina 6.0
- Advisory ID : LINA/ADE-2023-0002
- Advisory ID : LINA/ADE-2023-0001
- Time Navigator 4.6.9 Hyper-V Software Alert
- Tina 4.7.1 GA is available !
- Miria install error on a Linux server without X11
- HSS Replication requires attention when upgrading to 5.x
- LINA Agents 5.3.4
Categories
- Lina – EN (21)
- Miria – EN (8)
- Tina – EN (18)
Archives
- July 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- October 2022
- September 2022
- July 2022
- December 2021
- November 2021
- October 2021
- July 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020