CVE-2020-5002

CWE-20Improper Input Validation4 documents4 sources
Severity
8.8HIGH
EPSS
0.3%
top 43.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Financial Transaction Manager
Timeline
PublishedMar 10

Description

IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/financial_transaction_manager3.2.03.2.10
NVDibm/financial_transaction_manager3.2.03.2.11

🔴Vulnerability Details

2
GHSA
GHSA-487g-54v9-7fxf: IBM Financial Transaction Manager 32023-03-10
CVEList
IBM Financial Transaction Manager security bypass2023-03-01

📄Research Papers

1
CTF
whitespace / README2020
CVE-2020-5002 (HIGH CVSS 8.8) | IBM Financial Transaction Manager 3 | cvebase.io