Ibm Financial Transaction Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Financial Transaction Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (46)
CVE-2019-4575 — CVSS 9.8 (critical): IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote…
CVE-2019-4032 — CVSS 9.8 (critical): IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could…
CVE-2020-5003 — CVSS 9.1 (critical): IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote…
CVE-2021-39044 — CVSS 8.8 (high): IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and…
CVE-2017-1606 — CVSS 8.8 (high): IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker…
CVE-2021-39066 — CVSS 8.8 (high): IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to…
CVE-2016-0272 — CVSS 8.0 (high): Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and…
CVE-2023-49880 — CVSS 7.5 (high): In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the…
CVE-2017-1758 — CVSS 7.1 (high): IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager…
CVE-2023-35892 — CVSS 7.1 (high): IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing…
CVE-2014-0831 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allows…
CVE-2017-1538 — CVSS 6.5 (medium): IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive…
CVE-2018-1391 — CVSS 6.5 (medium): IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a…
CVE-2016-0276 — CVSS 6.3 (medium): IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction…
CVE-2018-1819 — CVSS 6.3 (medium): IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A…
CVE-2022-43875 — CVSS 6.2 (medium): IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM…
CVE-2020-4560 — CVSS 6.1 (medium): IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-3060 — CVSS 5.7 (medium): Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x…
CVE-2014-0833 — CVSS 5.5 (medium): The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention…
CVE-2020-5000 — CVSS 5.4 (medium): IBM Financial Transaction Manager 3.2.0 through 3.2.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2021-29841 — CVSS 5.4 (medium): IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-0274 — CVSS 5.4 (medium): IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction…
CVE-2016-5920 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015…
CVE-2017-1160 — CVSS 5.4 (medium): IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability…
CVE-2018-1871 — CVSS 5.4 (medium): IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scripting…
CVE-2018-1390 — CVSS 5.4 (medium): IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site scripting. This…
CVE-2020-4555 — CVSS 5.4 (medium): IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to…
CVE-2016-0253 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x…
CVE-2022-43872 — CVSS 5.3 (medium): IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized…
CVE-2018-2026 — CVSS 4.3 (medium): IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal…
CVE-2016-0231 — CVSS 4.3 (medium): IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows…
CVE-2016-0232 — CVSS 4.3 (medium): IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows…
CVE-2016-0268 — CVSS 4.3 (medium): XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x…
CVE-2017-1152 — CVSS 4.3 (medium): IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to…
CVE-2018-1790 — CVSS 4.3 (medium): IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which could…
CVE-2020-5001 — CVSS 4.3 (medium): IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker…
CVE-2020-5002 — CVSS 4.3 (medium): IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper…
CVE-2020-5026 — CVSS 4.3 (medium): IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain…
CVE-2014-0830 — CVSS 4.0 (medium): Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager (FTM) 2.0…
CVE-2020-4556 — CVSS 4.0 (medium): IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally…
CVE-2014-0832 — CVSS 3.5 (low): Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction…
CVE-2016-0275 — CVSS 3.3 (low): IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction…
CVE-2018-1393 — CVSS 3.1 (low): IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6 could allow an authenticated user to execute a specially…
CVE-2018-1670 — CVSS 3.1 (low): IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product…
CVE-2018-1392 — CVSS 3.1 (low): IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a…