Lucene search

K
cve[email protected]CVE-2014-0833
HistoryFeb 01, 2014 - 3:55 p.m.

CVE-2014-0833

2014-02-0115:55:04
CWE-264
web.nvd.nist.gov
18
ibm financial transaction manager
oac
cve-2014-0833
security vulnerability
access restrictions

6.2 Medium

AI Score

Confidence

Low

5.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

0.001 Low

EPSS

Percentile

42.3%

The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step.

Affected configurations

NVD
Node
ibmfinancial_transaction_managerMatch2.0.0.0
OR
ibmfinancial_transaction_managerMatch2.0.0.1
OR
ibmfinancial_transaction_managerMatch2.0.0.2

6.2 Medium

AI Score

Confidence

Low

5.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

0.001 Low

EPSS

Percentile

42.3%

Related for CVE-2014-0833