CVE-2016-0231 — Sensitive Information Exposure in IBM Financial Transaction Manager

CWE-200 — Sensitive Information Exposure5 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 43.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Financial Transaction Manager

Timeline

PublishedFeb 15

Latest updateMay 17

Description

IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

▶NVDibm/financial_transaction_manager3.0.0.0

🔴Vulnerability Details

GHSA

GHSA-2grg-m45x-hwh6: IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3↗2022-05-17

▶

CVEList

CVE-2016-0231: IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3↗2016-02-15

▶

🕵️Threat Intelligence

Talos

Vulnerability Spotlight: Hard-coded Credential Flaw in Moxa ICS Wireless Access Points Identified and Fixed↗2017-04-21

▶