NotCVE - vendor:"Ibm" product:"Financial Transaction Manager For Multiplatform" version:"3.2.4"

7 results (0.002 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-43871 – IBM Financial Transaction Manager for SWIFT Services cross-site scripting

https://notcve.org/view.php?id=CVE-2022-43871

29 Apr 2023 — IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239707. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239707 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-4908

https://notcve.org/view.php?id=CVE-2020-4908

16 Dec 2020 — IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 returns the product version and release information on the login dialog. This information could be used in further attacks against the system. IBM Financial Transaction Manager for SWIFT Services for Multiplatforms versión 3.2.4, devuelve la versión del producto y la información de release en el diálogo de inicio de sesión. Esta información podría ser usada en futuros ataques contra el sistema • https://exchange.xforce.ibmcloud.com/vulnerabilities/191113 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-4907

https://notcve.org/view.php?id=CVE-2020-4907

16 Dec 2020 — IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM Financial Transaction Manager for SWIFT Services for Multiplatforms versión 3.2.4, podría permitir a un atacante remoto obtener información confidencial cuando un mensaje de error técnico detallado es devuelto en el navegador. Est... • https://exchange.xforce.ibmcloud.com/vulnerabilities/191112 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-4906

https://notcve.org/view.php?id=CVE-2020-4906

16 Dec 2020 — IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system. IBM Financial Transaction Manager for SWIFT Services for Multiplatforms versión 3.2.4, permite que las páginas web sean almacenadas localmente y que puedan ser leídas por otro usuario en el sistema • https://exchange.xforce.ibmcloud.com/vulnerabilities/191110 • CWE-922: Insecure Storage of Sensitive Information •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-4905

https://notcve.org/view.php?id=CVE-2020-4905

16 Dec 2020 — IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an remote attacker to obtain sensitive information, caused by a man in the middle attack. By SSL striping, an attacker could exploit this vulnerability to obtain sensitive information. IBM Financial Transaction Manager for SWIFT Services for Multiplatforms versión 3.2.4, podría permitir a un atacante remoto obtener información confidencial, causada por un ataque de tipo man in the middle. Mediante bandas SSL, un atacan... • https://exchange.xforce.ibmcloud.com/vulnerabilities/191109 •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-4904

https://notcve.org/view.php?id=CVE-2020-4904

16 Dec 2020 — IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Financial Transaction Manager for SWIFT Services for Multiplatforms versión 3.2.4, es vulnerable a un ataque de tipo cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el... • https://exchange.xforce.ibmcloud.com/vulnerabilities/191106 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-4328

https://notcve.org/view.php?id=CVE-2020-4328

03 Aug 2020 — IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 177839. IBM Financial Transaction Manager versión 3.2.4, es vulnerable a una inyección SQL. Un atacante remoto podría enviar sentencias SQL especialmente diseñadas, lo que podría permitir a un atacante visualizar, agregar, modificar o eliminar información en la... • https://exchange.xforce.ibmcloud.com/vulnerabilities/177839 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •