) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.6:*:*:*:*:cps_services:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-0276 |
IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object. IBM X-Force ID: 111084. Published: March 09, 2018; 2:29:00 PM -0500 |
V3.0: 6.3 MEDIUM V2.0: 6.5 MEDIUM |
| CVE-2016-0275 |
IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses. Published: March 09, 2018; 2:29:00 PM -0500 |
V3.0: 3.3 LOW V2.0: 2.1 LOW |
| CVE-2016-0274 |
IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to conduct clickjacking attacks via a crafted web site. IBM X-Force ID: 111076. Published: March 09, 2018; 2:29:00 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-0272 |
Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors. IBM X-Force ID: 111052. Published: March 09, 2018; 2:29:00 PM -0500 |
V3.0: 8.0 HIGH V2.0: 6.0 MEDIUM |
| CVE-2016-0268 |
XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 110915. Published: March 09, 2018; 2:29:00 PM -0500 |
V3.0: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2016-0253 |
Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110562. Published: March 09, 2018; 2:29:00 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2017-1606 |
IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 132926. Published: December 11, 2017; 4:29:00 PM -0500 |
V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
| CVE-2017-1160 |
IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 122892. Published: April 17, 2017; 5:59:00 PM -0400 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-5920 |
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Published: October 28, 2016; 9:59:35 PM -0400 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-3060 |
Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site. Published: October 28, 2016; 9:59:12 PM -0400 |
V3.0: 5.7 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-0232 |
IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading README files. Published: February 15, 2016; 6:59:01 PM -0500 |
V3.0: 4.3 MEDIUM V2.0: 4.0 MEDIUM |