Описание
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998.
Ссылки
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.1.0.0 (включая) до 3.1.0.3 (включая)
cpe:2.3:a:ibm:financial_transaction_manager:*:*:*:*:*:ach_services:*:*
EPSS
Процентиль: 58%
0.00358
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998.
EPSS
Процентиль: 58%
0.00358
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89