CVE-2020-4644
First published: Tue Jul 28 2020(Updated: )
IBM Planning Analytics Local could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Planning Analytics Local | >=2.0.0<=2.0.9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-4644.
What is the severity of CVE-2020-4644?
The severity of CVE-2020-4644 is medium with a CVSS score of 6.1.
How does CVE-2020-4644 affect IBM Planning Analytics Local?
CVE-2020-4644 affects IBM Planning Analytics Local versions 2.0.0 through 2.0.9.1.
What is the impact of CVE-2020-4644?
CVE-2020-4644 allows a remote attacker to hijack the clicking action of the victim, potentially leading to further attacks.
How can I mitigate CVE-2020-4644?
To mitigate CVE-2020-4644, update IBM Planning Analytics Local to a version outside the affected range (2.0.0 - 2.0.9.1) and educate users about the risks of visiting malicious websites.
- collector/ibm-support
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- vendor/ibm
- canonical/ibm planning analytics local
- version/ibm planning analytics local/2.0.0
- version/ibm planning analytics local/2.0.9.1