PT-2018-4598 · Ibm · Ibm Financial Transaction Manager (Ftm) For Ach Services+1

Published

2018-03-09

·

Updated

2018-03-27

·

CVE-2016-0275

CVSS v3.1

3.3

Low

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform versions 2.1.1.2 through 3.0.0.x before fp0013 IBM Financial Transaction Manager (FTM) for Check Services for Multi-Platform versions 2.1.1.2 through 3.0.0.x before fp0013 IBM Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform versions 2.1.1.2 through 3.0.0.x before fp0013
Description The issue allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses.
Recommendations For IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform versions 2.1.1.2 through 3.0.0.x before fp0013, apply fix pack fp0013. For IBM Financial Transaction Manager (FTM) for Check Services for Multi-Platform versions 2.1.1.2 through 3.0.0.x before fp0013, apply fix pack fp0013. For IBM Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform versions 2.1.1.2 through 3.0.0.x before fp0013, apply fix pack fp0013.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2016-0275

Affected Products

Ibm Financial Transaction Manager (Ftm) For Ach Services
Ibm Financial Transaction Manager (Ftm) For Corporate Payment Services