vulnerability

IBM WebSphere Application Server: CVE-2019-4285: Clickjacking vulnerability in WebSphere Application Server Liberty Admin Center (CVE-2019-4285)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	Jul 30, 2019	Sep 11, 2019	Aug 11, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Jul 30, 2019

Added

Sep 11, 2019

Modified

Aug 11, 2025

Description

IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions or launch other client-side browser attacks. IBM X-Force ID: 160513.

Solutions

ibm-was-install-8-5-ph13994-libertyibm-was-upgrade-8-5-19-0-0-7-liberty

References

CVE-2019-4285
https://attackerkb.com/topics/CVE-2019-4285
CWE-1021
IBM-ibm10884064
URL-https://exchange.xforce.ibmcloud.com/vulnerabilities/160513
URL-https://www.ibm.com/support/docview.wss?uid=ibm10884064

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today