Lucene search

[email protected]NVD:CVE-2014-0831

HistoryFeb 01, 2014 - 3:55 p.m.

CVE-2014-0831

2014-02-0115:55:04

CWE-352

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.8%

JSON

Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data.

Affected configurations

NVD

Node

ibmfinancial_transaction_managerMatch2.0.0.0

ibmfinancial_transaction_managerMatch2.0.0.1

ibmfinancial_transaction_managerMatch2.0.0.2

References

osvdb.org/102766

www-01.ibm.com/support/docview.wss?uid=swg21662714

exchange.xforce.ibmcloud.com/vulnerabilities/90585

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.8%

JSON

Related for NVD:CVE-2014-0831

prion1 cve1 cvelist1 ibm1