CPE Details
IBM Financial Transaction Manager 3.2.3 for Digital Payments
3.2.3
2020-12-22
13h54 +00:00
13h54 +00:00
2021-06-07
11h20 +00:00
11h20 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:ibm:financial_transaction_manager:3.2.3:*:*:*:*:digital_payments:*:*
Informations
Vendor
ibmProduct
financial_transaction_managerVersion
3.2.3Target Software
digital_paymentsRelated CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 193662. | 7.5 |
Haute |
||
| IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954. | 8.8 |
Haute |
||
| IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 192953. | 7.5 |
Haute |
||
| IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 166801. | 9.8 |
Critique |
||
| IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 183328. | 5.4 |
Moyen |
2025©
tesweb SA
