CVE-2020-4409 vulnerability in IBM Products
Published on September 16, 2020

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 179537.

NVD

Products Associated with CVE-2020-4409

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-4409 are published in these products:

IBM Control Desk

IBM Maximo Asset Configuration Manager

IBM Maximo Asset Health Insights

IBM Maximo Asset Management

IBM Maximo Asset Management Scheduler

IBM Maximo Asset Management Scheduler Plus

IBM Maximo Calibration

IBM Maximo Enterprise Adapter

IBM Maximo Equipment Maintenance Assistant

IBM Maximo For Aviation

IBM Maximo For Life Sciences

IBM Maximo For Nuclear Power

IBM Maximo For Oil And Gas

IBM Maximo For Service Providers

IBM Maximo For Transportation

IBM Maximo For Utilities

IBM Maximo Linear Asset Manager

IBM Maximo Network On Blockchain

IBM Maximo Spatial Asset Management

IBM Tivoli Integration Composer

Affected Versions

IBM Maximo Asset Management:

Version 7.6.0 is affected.
Version 7.6.1 is affected.

Exploit Probability

EPSS

0.16%

Percentile

37.14%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-4409 vulnerability in IBM ProductsPublished on September 16, 2020

Products Associated with CVE-2020-4409

Affected Versions

Exploit Probability

CVE-2020-4409 vulnerability in IBM Products
Published on September 16, 2020