CSRF in Ibm Financial_transaction_manager
CVE-2014-0831
Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configurati…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.001 (29.4th percentile) — read the EPSS interpretation.
Affected products
- Ibm Financial_transaction_manager — versions 2.0.0.0, 2.0.0.1, 2.0.0.2
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
- 102766 (x_refsource_OSVDB, vdb-entry)
- ibm-ftm-cve20140831-csrf(90585) (vdb-entry, x_refsource_XF)