Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM48C3CBA6DFC72E530D0629E798E8316B6DB5D5040926DFDBD0E11E360446DD14
HistoryJun 16, 2018 - 8:12 p.m.

Security Bulletin: Financial Transaction Manager for ACH Services has a potential input validation vulnerability (CVE-2018-1392)

2018-06-1620:12:57
www.ibm.com
8

EPSS

0.001

Percentile

18.9%

JSON

Summary

Financial Transaction Manager (FTM) for ACH Services has addressed a potential input validation vulnerability for some web services in the web services component.

Vulnerability Details

CVEID: CVE-2018-1392**
DESCRIPTION:** IBM Financial Transaction Manager for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information.
CVSS Base Score: 3.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138377&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

- FTM for ACH Services v3.0.4, v3.1.0

Remediation/Fixes

Product

| VRMF| APAR| Remediation/First Fix
—|—|—|—
FTM for ACH Services| 3.0.4.0
3.1.0| PI93292| 3.0.4 apply 3.0.4.1-FTM-ACH-MP-iFix0001 or later.
3.1.0 apply 3.1.0-FTM-ACH-MP-fp0001 or later.

|
|
|

|
|
|

|
|
|

Workarounds and Mitigations

None

Related

nvd 1
cvelist 1
cve 1
prion 1
nvd
nvd
CVE-2018-1392
2018-02-22 19:29:02
cvelist
cvelist
CVE-2018-1392
2018-02-22 19:00:00
cve
cve
CVE-2018-1392
2018-02-22 19:29:02
prion
prion
Command injection
2018-02-22 19:29:00

EPSS

0.001

Percentile

18.9%

JSON
Related for 48C3CBA6DFC72E530D0629E798E8316B6DB5D5040926DFDBD0E11E360446DD14
nvd1cvelist1cve1prion1