CVE-2014-0830

IBM Financial Transaction Manager 2.0-2.0.0.2 and 2.1 - Authenticated Path Traversal via OAC Table-Export

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21662714
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90584

Scores

EPSS 0.0144
EPSS Percentile 70.0%

Details

CWE
CWE-22
Status published
Products (4)
ibm/financial_transaction_manager 2.0.0.0
ibm/financial_transaction_manager 2.0.0.1
ibm/financial_transaction_manager 2.0.0.2
ibm/financial_transaction_manager 2.1.0.0
Published Feb 01, 2014
Tracked Since Feb 18, 2026