IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once clicked, that malicious URL could then rewrite the original page with a phishing page. IBM X-Force ID: 220139.
References
Link | Resource |
---|---|
https://www.ibm.com/support/pages/node/6562855 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/220139 | VDB Entry Vendor Advisory |
Configurations
Information
Published : 2022-03-14 10:15
Updated : 2022-03-22 06:54
NVD link : CVE-2022-22348
Mitre link : CVE-2022-22348
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
ibm
- spectrum_protect_operations_center