Rewterz Threat Alert – Verified Phishing URLs
November 4, 2020Rewterz Threat Advisory – IBM Planning Analytics information disclosure
November 4, 2020Rewterz Threat Alert – Verified Phishing URLs
November 4, 2020Rewterz Threat Advisory – IBM Planning Analytics information disclosure
November 4, 2020Severity
Medium
Analysis Summary
CVE-2020-4785
IBM App Connect Enterprise Certified Container could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim.
Impact
Gain Access
Affected Vendors
IBM
Affected Products
- IBM App Connect Enterprise Certified Container 1.0.0
- IBM App Connect Enterprise Certified Container 1.0.1
- IBM App Connect Enterprise Certified Container 1.0.2
- IBM App Connect Enterprise Certified Container 1.0.3
- IBM App Connect Enterprise Certified Container 1.0.4
Remediation
Refer to IBM Security Bulletin 6357899 for patch, upgrade or suggested workaround information.