IBM Financial Transaction Manager 3.0.2.0 ACH Services

CPE Details

IBM Financial Transaction Manager 3.0.2.0 ACH Services
ibm
financial_transaction_manager
3.0.2.0
2017-05-22
14h45 +00:00
2017-05-22
14h45 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:financial_transaction_manager:3.0.2.0:*:*:*:*:ach_services:*:*

Informations

Vendor

ibm

Product

financial_transaction_manager

Version

3.0.2.0

Target Software

ach_services

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-1758 2018-02-21 21h00 +00:00 IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4, and 3.1.0, IBM Transformation Extender Advanced 9.0) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 135859.
7.1
High
CVE-2017-1538 2017-10-10 19h00 +00:00 IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive information from an undocumented URL. IBM X-Force ID: 130735.
6.5
Medium
CVE-2017-1152 2017-04-14 14h00 +00:00 IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Force ID: 122293.
4.3
Medium