CVE-2016-3060

Опубликовано: 29 окт. 2016

Источник: nvd

CVSS3: 5.7

CVSS2: 3.5

EPSS Низкий

Описание

Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063
Not Applicable
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64064
Not Applicable
http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537
Not Applicable
http://www-01.ibm.com/support/docview.wss?uid=swg21989060
Patch
Vendor Advisory
http://www.securityfocus.com/bid/92633
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063
Not Applicable
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64064
Not Applicable
http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537
Not Applicable
http://www-01.ibm.com/support/docview.wss?uid=swg21989060
Patch
Vendor Advisory
http://www.securityfocus.com/bid/92633

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.0:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.1:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.2:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.3:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.4:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.5:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.6:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.7:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.8:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.9:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.10:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.11:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.12:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.13:*:*:*:*:cps_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.14:*:*:*:*:cps_services:*:*

Конфигурация 2

Одно из

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.0:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.1:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.2:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.3:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.4:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.5:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.6:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.7:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.8:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.9:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.10:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.11:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.12:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.13:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.14:*:*:*:*:ach_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.1.0:*:*:*:*:ach_services:*:*

Конфигурация 3

Одно из

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.0:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.1:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.2:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.3:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.4:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.5:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.6:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.7:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.8:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.9:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.10:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.11:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.12:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.13:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.14:*:*:*:*:check_services:*:*

cpe:2.3:a:ibm:financial_transaction_manager:3.0.1.0:*:*:*:*:check_services:*:*

EPSS

Процентиль: 37%

0.00161

Низкий

5.7 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-wcm9-qmw5-8964

CVSS3: 5.7

github

больше 3 лет назад

EPSS

Процентиль: 37%

0.00161

Низкий

5.7 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-284