CVE-2020-4908

Description

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 returns the product version and release information on the login dialog. This information could be used in further attacks against the system.

CVSS breakdown

CVSS 3.0

Integrity

None

Availability

None

Confidentiality

Low

Privileges Required

None

Scope

Unchanged

Attack Complexity

Low

Attack Vector

Network

User Interaction

None

Changed

Unchanged

Affected products

ibm / Financial Transaction Manager3.2.4 – 3.2.4

References

MISChttps://www.ibm.com/support/pages/node/6371260
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/191113