Path Traversal in Ibm Financial_transaction_manager

CVE-2014-0830

Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.002 (42.3th percentile) — read the EPSS interpretation.

Affected products

Ibm Financial_transaction_manager — versions 2.0.0.0, 2.0.0.1, 2.0.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
ibm-ftm-cve20140830-trav(90584) (vdb-entry, x_refsource_XF)