CVE-2016-3060
MEDIUMIBM Financial Transaction Manager - Improper Access Control
Title source: ruleDescription
Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
References (5)
Scores
CVSS v3
5.7
EPSS
0.0016
EPSS Percentile
36.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Classification
CWE
CWE-284
Status
published
Affected Products (48)
n/a/n/a
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
... and 33 more
Timeline
Published
Oct 29, 2016
Tracked Since
Feb 18, 2026