Lucene search
IbmCVE-2014-0831HistoryFeb 01, 2014 - 3:55 p.m.
CVE-2014-0831
2014-02-0115:55:04
CWE-352
ibm
web.nvd.nist.gov
23
cve-2014-0831
csrf
ibm
financial transaction manager
ftm 2.0
security vulnerability
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
48.7%
Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data.
Affected configurations
Node
ibmfinancial_transaction_managerMatch2.0.0.0
ORibmfinancial_transaction_managerMatch2.0.0.1
ORibmfinancial_transaction_managerMatch2.0.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | financial_transaction_manager | 2.0.0.0 | cpe:2.3:a:ibm:financial_transaction_manager:2.0.0.0:*:*:*:*:*:*:* |
| ibm | financial_transaction_manager | 2.0.0.1 | cpe:2.3:a:ibm:financial_transaction_manager:2.0.0.1:*:*:*:*:*:*:* |
| ibm | financial_transaction_manager | 2.0.0.2 | cpe:2.3:a:ibm:financial_transaction_manager:2.0.0.2:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-0831
2014-02-01 15:55:04
prion
prion
Cross site request forgery (csrf)
2014-02-01 15:55:00
cvelist
cvelist
CVE-2014-0831
2014-02-01 15:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
48.7%
Related for CVE-2014-0831