How severe is CVE-2020-4406?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2020-4406?

This is classified as CWE-1021, which is a common weakness in software security.

CVE-2020-4406 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488.

Related Vulnerabilities

CVE-2019-4285

MEDIUM

CVSS:5.4(Medium)

IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attack...

CWE-10212019

CVE-2020-15793

MEDIUM

CVSS:5.4(Medium)

A vulnerability has been identified in Desigo Insight (All versions). The device does not properly set the X-Frame-Options HTTP Header which makes it vulnerable to Clickjacking attacks. This could all...

CWE-10212020

CVE-2020-2105

MEDIUM

CVSS:5.4(Medium)

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.

CWE-10212020

CVE-2020-4165

MEDIUM

CVSS:5.4(Medium)

IBM Security Guardium Insights 2.0.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit th...

CWE-10212020

CVE-2020-4195

MEDIUM

CVSS:5.4(Medium)

IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could...

CWE-10212020

CVE-2020-4547

MEDIUM

CVSS:5.4(Medium)

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulne...

CWE-10212020