7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.2%
Modification of Assumed-Immutable Data (MAID) affects the MER facility of IBM Financial Transaction Manager for SWIFT Services. This vulnerability is addressed.
CVEID:CVE-2023-49880
**DESCRIPTION:**In the Message Entry and Repair (MER) facility of Financial Transaction Manager for SWIFT Services the sending address and the message type of FIN messages are assumed to be immutable. However, an attacker might modify these elements of a business transaction.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/273183 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms | 3.2.4 |
Install Fix Pack 11 of IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm financial transaction manager for swift services | eq | 3.2.4 |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.2%