Design/Logic Flaw

2020-09-1616:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.3%

JSON

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 179537.

CPENameOperatorVersion
control_deskeq7.6.1
control_deskeq7.6.1.1
maximo_asset_configuration_managereq7.6.7.1
maximo_asset_configuration_managereq7.6.7
maximo_asset_configuration_managereq7.6.6
maximo_asset_health_insightseq7.6.1
maximo_asset_health_insightseq7.6.1.1
maximo_asset_managementlt7.6.1.2
maximo_asset_management_schedulereq7.6.7.3
maximo_asset_management_schedulereq7.6.7.1

Name	Operator	Version
control_desk	eq	7.6.1
control_desk	eq	7.6.1.1
maximo_asset_configuration_manager	eq	7.6.7.1
maximo_asset_configuration_manager	eq	7.6.7
maximo_asset_configuration_manager	eq	7.6.6
maximo_asset_health_insights	eq	7.6.1
maximo_asset_health_insights	eq	7.6.1.1
maximo_asset_management	lt	7.6.1.2
maximo_asset_management_scheduler	eq	7.6.7.3
maximo_asset_management_scheduler	eq	7.6.7.1