Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Financial Transaction Manager Security Vulnerabilities

cve
cve

CVE-2021-29841

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205045.

5.4CVSS

5.2AI Score

0.001EPSS

2021-09-14 02:15 PM
32
cve
cve

CVE-2021-39044

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 214210.

8.8CVSS

8.4AI Score

0.001EPSS

2022-02-02 12:15 PM
31
cve
cve

CVE-2021-39066

IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. IBM X-Force ID: 215040.

8.8CVSS

8.2AI Score

0.001EPSS

2022-02-02 12:15 PM
31
cve
cve

CVE-2022-43871

IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-F...

5.4CVSS

5.2AI Score

0.001EPSS

2023-04-29 03:15 AM
36
cve
cve

CVE-2022-43872

IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708.

5.3CVSS

5AI Score

0.001EPSS

2022-12-20 07:15 PM
42
cve
cve

CVE-2022-43875

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034.

6.2CVSS

5.3AI Score

0.0004EPSS

2022-12-20 07:15 PM
35
cve
cve

CVE-2023-35892

IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 258786.

9.1CVSS

8.7AI Score

0.001EPSS

2023-09-05 12:15 AM
33
cve
cve

CVE-2023-49880

In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the message type of FIN messages are assumed to be immutable. However, an attacker might modify these elements of a business transaction. IBM X-Force ID: 273183.

7.5CVSS

7.2AI Score

0.001EPSS

2023-12-25 03:15 AM
25
Total number of security vulnerabilities58