Sensitive Information Exposure in IBM Financial Transaction Manager
CVE-2017-1538

6.5MEDIUM

Key Information:

Vendor
IBM
Status
IBM Financial Transaction Manager
Vendor
CVE Published:
10 October 2017

Summary

The IBM Financial Transaction Manager for ACH Services for Multi-Platform version 3.0.2 is vulnerable to a security flaw that permits authenticated users to access sensitive information through an undocumented URL. This vulnerability can potentially expose critical data, making it essential for users to implement corrective measures to safeguard their systems against unauthorized access.

Affected Version(s)

IBM Financial Transaction Manager 3.0.2

References

http://www.securityfocus.com/bid/101198
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/130735
x_refsource_MISC
http://www.ibm.com/support/docview.wss?uid=swg22008385
x_refsource_CONFIRM

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.