CVE-2014-0833IBM Financial Transaction Manager vulnerability

CWE-2643 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 63.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Financial Transaction Manager
Timeline
PublishedFeb 1
Latest updateMay 14

Description

The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages1 packages

NVDibm/financial_transaction_manager2.0.0.0, 2.0.0.1, 2.0.0.2+2

🔴Vulnerability Details

2
GHSA
GHSA-p3cj-4qcp-rww4: The OAC component in IBM Financial Transaction Manager (FTM) 22022-05-14
CVEList
CVE-2014-0833: The OAC component in IBM Financial Transaction Manager (FTM) 22014-02-01
CVE-2014-0833 — IBM vulnerability | cvebase