CVE-2022-43872
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Financial Transaction Manager | 3.2.4 | affected |
Weaknesses
- 285 Improper Authorization
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6848881
- https://exchange.xforce.ibmcloud.com/vulnerabilities/239708
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://www.ibm.com/support/pages/node/6848881
- https://exchange.xforce.ibmcloud.com/vulnerabilities/239708
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.