CVE-2020-5001
published 2023-03-01CVE-2020-5001: IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 192953.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | financial_transaction_manager | >= 3.2.0 < 3.2.7 | 3.2.7 |
| ibm | financial_transaction_manager | 3.2.0 – 3.2.7 | — |