CVE-2020-4490
CVE-2020-4490
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
29 may 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a vitcim to a phishing site. IBM X-Force ID: 181989
CVSS:3.0/UI:R/S:U/AV:N/PR:N/A:N/AC:H/I:H/C:N/E:U/RL:O/RC:C