Vulnerability Description
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spectrum Protect Client | >= 8.1.7.0, <= 8.1.9.1 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
| Ibm | Aix | - |
| Ibm | Spectrum Protect For Space Management | >= 8.1.7.0, <= 8.1.9.1 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/179488VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6221448Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/179488VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6221448Vendor Advisory
FAQ
What is CVE-2020-4406?
CVE-2020-4406 is a vulnerability with a CVSS score of 5.4 (MEDIUM). IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1...
How severe is CVE-2020-4406?
CVE-2020-4406 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-4406?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Protect Client, Linux Linux Kernel, Microsoft Windows, Ibm Aix, Ibm Spectrum Protect For Space Management.