What is CVE-2022-30610?

CVE-2022-30610 is a vulnerability in IBM Spectrum Copy Data Management that allows a malicious page to rewrite it through a technique called reverse tabnabbing.

How does IBM Spectrum Copy Data Management become vulnerable to reverse tabnabbing?

IBM Spectrum Copy Data Management becomes vulnerable to reverse tabnabbing when an administrator enters a link to a malicious URL within the software.

What is the impact of CVE-2022-30610?

The impact of CVE-2022-30610 is that it allows an attacker to redirect a user to a malicious website, potentially leading to further exploitation.

Which versions of IBM Spectrum Copy Data Management are affected by CVE-2022-30610?

Versions 2.2.0.0-2.2.15.0 of IBM Spectrum Copy Data Management are affected by CVE-2022-30610.

How can the vulnerability CVE-2022-30610 be fixed?

To fix the vulnerability CVE-2022-30610, it is recommended to update IBM Spectrum Copy Data Management to a version that is not affected by the vulnerability.

Vulnerability/
CVE-2022-30610

medium

4.5

CWE

269

9/6/2022

10/6/2022

16/9/2024

CVE-2022-30610

First published: Thu Jun 09 2022(Updated: )

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once clicked, that malicious URL could then rewrite the original page with a phishing page. IBM X-Force ID: 227363.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Spectrum Copy Data Management	>=2.2.0.0<=2.2.15.0
Linux Linux kernel
	<=2.2.0.0-2.2.15.0

Remedy

https://www.ibm.com/support/pages/node/6593721

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6593721

Frequently Asked Questions

What is CVE-2022-30610?
CVE-2022-30610 is a vulnerability in IBM Spectrum Copy Data Management that allows a malicious page to rewrite it through a technique called reverse tabnabbing.
How does IBM Spectrum Copy Data Management become vulnerable to reverse tabnabbing?
IBM Spectrum Copy Data Management becomes vulnerable to reverse tabnabbing when an administrator enters a link to a malicious URL within the software.
What is the impact of CVE-2022-30610?
The impact of CVE-2022-30610 is that it allows an attacker to redirect a user to a malicious website, potentially leading to further exploitation.
Which versions of IBM Spectrum Copy Data Management are affected by CVE-2022-30610?
Versions 2.2.0.0-2.2.15.0 of IBM Spectrum Copy Data Management are affected by CVE-2022-30610.
How can the vulnerability CVE-2022-30610 be fixed?
To fix the vulnerability CVE-2022-30610, it is recommended to update IBM Spectrum Copy Data Management to a version that is not affected by the vulnerability.

collector/nvd-index
agent/type
agent/references
agent/last-modified-date
agent/first-publish-date
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/weakness
agent/remedy
agent/author
agent/severity
agent/softwarecombine
agent/description
agent/tags
agent/event
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm spectrum copy data management
version/ibm spectrum copy data management/2.2.0.0
version/ibm spectrum copy data management/2.2.15.0
vendor/linux
canonical/linux linux kernel
version/ibm spectrum copy data management/2.2.0.0-2.2.15.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.