Vulnerabilities > IBM > Financial Transaction Manager > 3.2.3

DATE CVE VULNERABILITY TITLE RISK
2023-03-10 CVE-2020-5002 Improper Input Validation vulnerability in IBM Financial Transaction Manager
IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation.
network
low complexity
ibm CWE-20
8.8
2023-03-01 CVE-2020-5001 Path Traversal vulnerability in IBM Financial Transaction Manager
IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
7.5
2023-03-01 CVE-2020-5026 Information Exposure Through an Error Message vulnerability in IBM Financial Transaction Manager
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
7.5
2022-06-15 CVE-2019-4575 SQL Injection vulnerability in IBM Financial Transaction Manager
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.5
2020-12-21 CVE-2020-4555 Session Fixation vulnerability in IBM Financial Transaction Manager
IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm CWE-384
5.5