Lucene search
IbmCVE-2020-5002HistoryMar 10, 2023 - 9:15 p.m.
CVE-2020-5002
2023-03-1021:15:10
CWE-20
ibm
web.nvd.nist.gov
33
ibm
financial transaction manager
cve-2020-5002
nvd
security
x-force id 192954
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.001
Percentile
49.7%
IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954.
Affected configurations
Node
ibmfinancial_transaction_managerRange3.2.0–3.2.11cps_services
ORibmfinancial_transaction_managerRange3.2.0–3.2.11digital_payments
ORibmfinancial_transaction_managerRange3.2.0–3.2.11high_value
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | financial_transaction_manager | * | cpe:2.3:a:ibm:financial_transaction_manager:*:*:*:*:*:cps_services:*:* |
| ibm | financial_transaction_manager | * | cpe:2.3:a:ibm:financial_transaction_manager:*:*:*:*:*:digital_payments:*:* |
| ibm | financial_transaction_manager | * | cpe:2.3:a:ibm:financial_transaction_manager:*:*:*:*:*:high_value:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Financial Transaction Manager",
"vendor": "IBM",
"versions": [
{
"lessThan": "3.2.10",
"status": "affected",
"version": "3.2.0",
"versionType": "semver"
}
]
}
]Related
cvelist
cvelist
CVE-2020-5002 IBM Financial Transaction Manager security bypass
2023-03-01 21:16:40
prion
prion
Input validation
2023-03-10 21:15:00
nvd
nvd
CVE-2020-5002
2023-03-10 21:15:10
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.001
Percentile
49.7%
Related for CVE-2020-5002