CVE-2022-43872
Severity
5.3MEDIUM
EPSS
0.1%
top 65.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 20
Description
IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4