CVE-2020-4653
First published: Wed Aug 19 2020(Updated: )
IBM Planning Analytics 2.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Planning Analytics | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of the IBM Planning Analytics vulnerability?
The vulnerability ID is CVE-2020-4653.
What is the severity rating of CVE-2020-4653?
The severity rating of CVE-2020-4653 is medium.
How does CVE-2020-4653 allow remote attackers to conduct phishing attacks?
CVE-2020-4653 allows remote attackers to conduct phishing attacks by using an open redirect attack to spoof the URL displayed to redirect users to a malicious website.
What software is affected by CVE-2020-4653?
IBM Planning Analytics 2.0 is affected by CVE-2020-4653.
Are there any references available for CVE-2020-4653?
Yes, you can find references for CVE-2020-4653 at the following links: [link1](https://exchange.xforce.ibmcloud.com/vulnerabilities/186082), [link2](https://www.ibm.com/support/pages/node/6254788).
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm planning analytics
- version/ibm planning analytics/2.0