CVE-2018-1391
https://notcve.org/view.php?id=CVE-2018-1391
IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could cause a denial of service. IBM X-Force ID: 138376. IBM Financial Transaction Manager 3.0.4 y 3.1.0 para ACH Services Multi-Platform podría permitir que un usuario autenticado ejecute un comando especialmente manipulado que podría provocar una denegación de servicio. IBM X-Force ID: 138376. • http://www.ibm.com/support/docview.wss?uid=swg22013247 http://www.securityfocus.com/bid/103352 https://exchange.xforce.ibmcloud.com/vulnerabilities/138376 •
CVE-2018-1392
https://notcve.org/view.php?id=CVE-2018-1392
IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138377. IBM Financial Transaction Manager 3.0.4 y 3.1.0 para ACH Services Multi-Platform podría permitir que un usuario autenticado ejecute un comando especialmente manipulado que podría obtener información sensible. IBM X-Force ID: 138377. • http://www.ibm.com/support/docview.wss?uid=swg22013249 https://exchange.xforce.ibmcloud.com/vulnerabilities/138377 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-1758
https://notcve.org/view.php?id=CVE-2017-1758
IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4, and 3.1.0, IBM Transformation Extender Advanced 9.0) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 135859. IBM Financial Transaction Manager para ACH Services Multi-Platform (IBM Control Center 6.0 y 6.1; IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4 y 3.1.0; IBM Transformation Extender Advanced 9.0) es vulnerable a un ataque de XEE (XML External Entity) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumir recursos de la memoria. • http://www.ibm.com/support/docview.wss?uid=swg22012828 http://www.ibm.com/support/docview.wss?uid=swg22013375 http://www.ibm.com/support/docview.wss?uid=swg22013432 http://www.securityfocus.com/bid/103130 https://exchange.xforce.ibmcloud.com/vulnerabilities/135859 • CWE-611: Improper Restriction of XML External Entity Reference •