Описание
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 150023.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:financial_transaction_manager:3.0.2.0:*:*:*:*:cps_services:*:*
cpe:2.3:a:ibm:financial_transaction_manager:3.0.2.1:*:*:*:*:cps_services:*:*
cpe:2.3:a:ibm:financial_transaction_manager:3.0.4.0:*:*:*:*:cps_services:*:*
cpe:2.3:a:ibm:financial_transaction_manager:3.0.6.0:*:*:*:*:ach_services:*:*
cpe:2.3:a:ibm:financial_transaction_manager:3.0.6.1:*:*:*:*:ach_services:*:*
cpe:2.3:a:ibm:financial_transaction_manager:3.1.0.0:*:*:*:*:ach_services:*:*
cpe:2.3:a:ibm:financial_transaction_manager:3.1.0.1:*:*:*:*:ach_services:*:*
cpe:2.3:a:ibm:financial_transaction_manager:3.1.0.2:*:*:*:*:ach_services:*:*
cpe:2.3:a:ibm:financial_transaction_manager:3.2.0.0:*:*:*:*:digital_payments:*:*
EPSS
Процентиль: 63%
0.00444
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 150023.
EPSS
Процентиль: 63%
0.00444
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89