CVE-2020-4406
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488.
IBM Spectrum Protect Client versiones 8.1.7.0 hasta 8.1.9.1 (Linux y Windows), versiones 8.1.9.0 hasta 8.1.9.1 (AIX) e IBM Spectrum Protect para Space Management versiones 8.1.7.0 hasta 8.1.9.1 (Linux), versiones 8.1.9.0 hasta 8.1.9.1 (AIX), las interfaces de usuario web podrían permitir a un atacante remoto secuestrar la acción de clic de la víctima. Al persuadir a una víctima para que visite un sitio Web malicioso, un atacante remoto podría explotar esta vulnerabilidad para secuestrar las acciones de clic de la víctima y posiblemente iniciar nuevos ataques contra la víctima. IBM X-Force ID: 179488
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-12-30 CVE Reserved
- 2020-06-15 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/179488 | 2020-06-18 | |
| https://www.ibm.com/support/pages/node/6221448 | 2020-06-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Spectrum Protect Client Search vendor "Ibm" for product "Spectrum Protect Client" | >= 8.1.7.0 <= 8.1.9.1 Search vendor "Ibm" for product "Spectrum Protect Client" and version " >= 8.1.7.0 <= 8.1.9.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Spectrum Protect Client Search vendor "Ibm" for product "Spectrum Protect Client" | >= 8.1.7.0 <= 8.1.9.1 Search vendor "Ibm" for product "Spectrum Protect Client" and version " >= 8.1.7.0 <= 8.1.9.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Spectrum Protect Client Search vendor "Ibm" for product "Spectrum Protect Client" | >= 8.1.9.0 <= 8.1.9.1 Search vendor "Ibm" for product "Spectrum Protect Client" and version " >= 8.1.9.0 <= 8.1.9.1" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Spectrum Protect For Space Management Search vendor "Ibm" for product "Spectrum Protect For Space Management" | >= 8.1.7.0 <= 8.1.9.1 Search vendor "Ibm" for product "Spectrum Protect For Space Management" and version " >= 8.1.7.0 <= 8.1.9.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Spectrum Protect For Space Management Search vendor "Ibm" for product "Spectrum Protect For Space Management" | >= 8.1.9.0 <= 8.1.9.1 Search vendor "Ibm" for product "Spectrum Protect For Space Management" and version " >= 8.1.9.0 <= 8.1.9.1" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | - | - |
Safe
|