IBM Spectrum Protect till 8.1.9.1 Web User Interface utökade rättigheter

entryeditHistoryDiffjsonxmlCTI

En kritiskt svag punkt identifierades i IBM Spectrum Protect till 8.1.9.1 (Backup Software). Som påverkar en okänd funktion av komponenten Web User Interface. Det finns inga kända uppgifter om åtgärder. Användningen av en alternativ produkt är användbar.

Field16/06/2020 12:05 PM24/10/2020 05:44 PM24/10/2020 05:49 PM
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
cvss3_nvd_basescore5.45.45.4
vendorIBMIBMIBM
nameSpectrum ProtectSpectrum ProtectSpectrum Protect
version<=8.1.9.1<=8.1.9.1<=8.1.9.1
componentWeb User InterfaceWeb User InterfaceWeb User Interface
risk222
cvss2_vuldb_basescore6.06.06.0
cvss2_vuldb_tempscore6.06.06.0
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss3_meta_basescore5.55.55.5
cvss3_meta_tempscore5.55.55.5
cvss3_vuldb_basescore5.55.55.5
cvss3_vuldb_tempscore5.55.55.5
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
date1592179200 (15/06/2020)1592179200 (15/06/2020)1592179200 (15/06/2020)
urlhttps://www.ibm.com/support/pages/node/6221448https://www.ibm.com/support/pages/node/6221448https://www.ibm.com/support/pages/node/6221448
price_0day$5k-$25k$5k-$25k$5k-$25k
price_trend+++
cveCVE-2020-4406CVE-2020-4406CVE-2020-4406
seealso156766156766156766
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
typeBackup SoftwareBackup SoftwareBackup Software
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prLLL
cvss3_nvd_uiRRR
cvss3_nvd_sCCC
cvss3_nvd_cLLL
cvss3_nvd_iLLL
cvss3_nvd_aNNN
cve_assigned157766400015776640001577664000
cve_nvd_summaryIBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488.IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488.IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488.
cwe451 (utökade rättigheter)451 (utökade rättigheter)451 (utökade rättigheter)
confirm_urlhttps://www.ibm.com/support/pages/node/6221448https://www.ibm.com/support/pages/node/6221448
xforce179488179488
cve_cnaIBM Corporation

Do you need the next level of professionalism?

Upgrade your account now!