The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step.
CPE | Name | Operator | Version |
---|---|---|---|
financial_transaction_manager | eq | 2.0.0.2 | |
financial_transaction_manager | eq | 2.0.0.0 | |
financial_transaction_manager | eq | 2.0.0.1 |