ibm control-desk CVE-2020-4409 vulnerability in IBM Products
Published on September 16, 2020

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 179537.

NVD


Products Associated with CVE-2020-4409

Want to know whenever a new CVE is published for IBM products? stack.watch will email you.

IBM Control Desk
 
IBM Maximo Asset Configuration Manager
 
IBM Maximo Asset Health Insights
 
IBM Maximo Asset Management
 
IBM Maximo Asset Management Scheduler
 
IBM Maximo Asset Management Scheduler Plus
 
IBM Maximo Calibration
 
IBM Maximo Enterprise Adapter
 
IBM Maximo Equipment Maintenance Assistant
 
IBM Maximo For Aviation
 
IBM Maximo For Life Sciences
 
IBM Maximo For Nuclear Power
 
IBM Maximo For Oil And Gas
 
IBM Maximo For Service Providers
 
IBM Maximo For Transportation
 
IBM Maximo For Utilities
 
IBM Maximo Linear Asset Manager
 
IBM Maximo Network On Blockchain
 
IBM Maximo Spatial Asset Management
 
IBM Tivoli Integration Composer
 

Affected Versions

IBM Maximo Asset Management:

Exploit Probability

EPSS
0.16%
Percentile
36.92%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.