Clickjacking Vulnerability in IBM Spectrum Protect Client and Space Management
CVE-2020-4406

5.4 MEDIUM

Summary

IBM Spectrum Protect Client and Space Management are vulnerable to clickjacking: a remote attacker can trick a victim into clicking on malicious content. By luring the victim to a malicious website, the attacker can hijack the victim's click actions, which could enable further attacks against the victim without their informed consent. Affected versions include certain releases on Linux, Windows, and AIX; users should check their installed versions and apply the necessary patches.

Affected Version(s)

Spectrum Protect Client (AIX) 8.1.9.0

Spectrum Protect Client (AIX) 8.1.9.1

Spectrum Protect Client (Linux and Windows) 8.1.7.0

CVSS V3.1

Score: 5.4
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
