CVE-2020-4907

Description

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

CVSS breakdown

CVSS 3.0

Privileges Required

None

Confidentiality

Low

Availability

None

Integrity

None

User Interaction

None

Attack Complexity

Low

Attack Vector

Network

Scope

Unchanged

Changed

Affected products

ibm / Financial Transaction Manager3.2.4 – 3.2.4

References

MISChttps://www.ibm.com/support/pages/node/6371260
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/191112