CVE-2021-46708
First published: Fri Mar 11 2022(Updated: )
npm swagger-ui-dist could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Smartbear Swagger-ui-dist Node.js | <4.1.3 | |
| IBM Cloud Pak for Business Automation | <=V23.0.1 - V23.0.1-IF002 | |
| IBM Cloud Pak for Business Automation | <=V21.0.3 - V21.0.3-IF024 | |
| IBM Cloud Pak for Business Automation | <=V22.0.2 - V22.0.2-IF006 and later fixesV22.0.1 - V22.0.1-IF006 and later fixesV21.0.2 - V21.0.2-IF012 and later fixesV21.0.1 - V21.0.1-IF007 and later fixesV20.0.1 - V20.0.3 and later fixesV19.0.1 - V19.0.3 and later fixesV18.0.0 - V18.0.2 and later fixes |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2021-46708.
What is the severity of CVE-2021-46708?
The severity of CVE-2021-46708 is medium with a severity value of 4.3.
What is affected by CVE-2021-46708?
The affected software is IBM Cloud Pak for Business Automation versions V23.0.1, V21.0.3, V22.0.2 and later, V22.0.1 and later, V21.0.2 and later, V21.0.1 and later, V20.0.1 and later, V19.0.1 and later, V18.0.0 and later.
How can a remote attacker exploit CVE-2021-46708?
A remote attacker can exploit CVE-2021-46708 by persuading a victim to visit a malicious website, allowing them to hijack the victim's click actions and potentially launch further attacks.
Where can I find more information about CVE-2021-46708?
You can find more information about CVE-2021-46708 at the following references: [link1](https://exchange.xforce.ibmcloud.com/vulnerabilities/217359) and [link2](https://www.ibm.com/support/pages/node/7047198).
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- agent/remedy
- agent/description
- agent/event
- agent/weakness
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/references
- agent/tags
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/smartbear
- canonical/smartbear swagger-ui-dist node.js
- vendor/ibm
- canonical/ibm cloud pak for business automation
- version/ibm cloud pak for business automation/v23.0.1 - v23.0.1-if002
- version/ibm cloud pak for business automation/v21.0.3 - v21.0.3-if024
- version/ibm cloud pak for business automation/v22.0.2 - v22.0.2-if006 and later fixesv22.0.1 - v22.0.1-if006 and later fixesv21.0.2 - v21.0.2-if012 and later fixesv21.0.1 - v21.0.1-if007 and later fixesv20.0.1 - v20.0.3 and later fixesv19.0.1 - v19.0.3 and later fixesv18.0.0 - v18.0.2 and later fixes