Vulnerabilities > IBM > Financial Transaction Manager > 3.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-10 | CVE-2020-5002 | Improper Input Validation vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. | 8.8 |
| 2023-03-01 | CVE-2020-5001 | Path Traversal vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-03-01 | CVE-2020-5026 | Unspecified vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2022-06-15 | CVE-2019-4575 | SQL Injection vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. | 9.8 |
| 2020-12-21 | CVE-2020-4555 | Session Fixation vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 5.4 |