CVE-2022-22348

Name of the Vulnerable Software and Affected Versions IBM Spectrum Protect Operations Center versions 8.1.0.000 through 8.1.13.xxx

Description The issue allows a page linked to from within Operations Center to rewrite it, potentially leading to reverse tabnabbing. This could enable an administrator to enter a link to a malicious URL that another administrator could then click, resulting in the malicious URL rewriting the original page with a phishing page.

Recommendations For versions 8.1.0.000 through 8.1.13.xxx, consider restricting access to external links within the Operations Center to minimize the risk of exploitation until a fix is available. As a temporary workaround, administrators should exercise caution when clicking on links provided by other administrators to avoid potential phishing attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.