Reverse Tabnabbing Vulnerability in IBM Spectrum Copy Data Management
CVE-2022-30610

4.4MEDIUM

Key Information:

Vendor: IBM
Status: Spectrum Copy Data Management
Vendor: CVE Published:; 10 June 2022

What is CVE-2022-30610?

IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.15.0 are susceptible to a reverse tabnabbing vulnerability, which can be exploited via malicious URLs entered by an administrator. This allows an attacker to potentially rewrite the original page with a phishing page when another administrator clicks the malicious link. Proper security measures should be taken to avoid such exploitation.

Affected Version(s)

Spectrum Copy Data Management 2.2.0.0

Spectrum Copy Data Management 2.2.15.0

References

https://www.ibm.com/support/pages/node/6593721

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/227363

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2022
Vulnerability Reserved
May 12, 2022