Description
IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 177839.
CVSS breakdown
CVSS 3.0
Attack Complexity
Low
Confidentiality
Low
Scope
Unchanged
Integrity
Low
Availability
Low
User Interaction
None
Attack Vector
Network
Privileges Required
Low
RC
Changed
RL
O
E
Unchanged
Affected products
- ibm / Financial Transaction Manager3.2.4 – 3.2.4