Page 2 of 7 results (0.008 seconds)

CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0

IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138377. IBM Financial Transaction Manager 3.0.4 y 3.1.0 para ACH Services Multi-Platform podría permitir que un usuario autenticado ejecute un comando especialmente manipulado que podría obtener información sensible. IBM X-Force ID: 138377. • http://www.ibm.com/support/docview.wss?uid=swg22013249 https://exchange.xforce.ibmcloud.com/vulnerabilities/138377 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0

IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4, and 3.1.0, IBM Transformation Extender Advanced 9.0) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 135859. IBM Financial Transaction Manager para ACH Services Multi-Platform (IBM Control Center 6.0 y 6.1; IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4 y 3.1.0; IBM Transformation Extender Advanced 9.0) es vulnerable a un ataque de XEE (XML External Entity) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumir recursos de la memoria. • http://www.ibm.com/support/docview.wss?uid=swg22012828 http://www.ibm.com/support/docview.wss?uid=swg22013375 http://www.ibm.com/support/docview.wss?uid=swg22013432 http://www.securityfocus.com/bid/103130 https://exchange.xforce.ibmcloud.com/vulnerabilities/135859 • CWE-611: Improper Restriction of XML External Entity Reference •