Vulnerability Name: | CVE-2018-1392 (CCN-138377) | ||||||||||||
Assigned: | 2017-12-13 | ||||||||||||
Published: | 2018-02-19 | ||||||||||||
Updated: | 2018-03-12 | ||||||||||||
Summary: | IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138377. | ||||||||||||
CVSS v3 Severity: | 3.1 Low (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) 2.7 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
2.7 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N)
| ||||||||||||
Vulnerability Type: | CWE-200 | ||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2018-1392 Source: CCN Type: IBM Security Bulletin 2013249 (Financial Transaction Manager) Financial Transaction Manager for ACH Services has a potential input validation vulnerability (CVE-2018-1392) Source: CONFIRM Type: Patch, Vendor Advisory http://www.ibm.com/support/docview.wss?uid=swg22013249 Source: MISC Type: VDB Entry, Vendor Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/138377 Source: XF Type: UNKNOWN ibm-ftm-cve20181392-info-disc(138377) | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
BACK |