Reverse Tabnabbing Vulnerability in IBM Spectrum Copy Data Management
CVE-2022-30610

4.4MEDIUM

Key Information:

Vendor
IBM
Status
Spectrum Copy Data Management
Vendor
CVE Published:
10 June 2022

Summary

IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.15.0 are susceptible to a reverse tabnabbing vulnerability, which can be exploited via malicious URLs entered by an administrator. This allows an attacker to potentially rewrite the original page with a phishing page when another administrator clicks the malicious link. Proper security measures should be taken to avoid such exploitation.

Affected Version(s)

Spectrum Copy Data Management 2.2.0.0

Spectrum Copy Data Management 2.2.15.0

References

https://www.ibm.com/support/pages/node/6593721
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/227363
vdb-entryx_refsource_XF

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.