CVE-2016-3060
MEDIUMIBM Financial Transaction Manager 3.0.0.x-3.0.1.0 - Authenticated Clickjacking
Title source: llmDescription
Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
References (5)
Core 5
Core References
Not Applicable vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64064
Not Applicable vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21989060
Not Applicable vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92633
Scores
CVSS v3
5.7
EPSS
0.0080
EPSS Percentile
52.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-284
Status
published
Products (16)
ibm/financial_transaction_manager
3.0.0.0 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.1 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.2 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.3 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.4 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.5 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.6 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.7 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.8 (3 CPE variants)
ibm/financial_transaction_manager
3.0.0.9 (3 CPE variants)
... and 6 more
Published
Oct 29, 2016
Tracked Since
Feb 18, 2026