CVE-2014-0831

Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
VendorProductVersion
ibmfinancial_transaction_manager
2.0.0.0
ibmfinancial_transaction_manager
2.0.0.1
ibmfinancial_transaction_manager
2.0.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/102766
http://www-01.ibm.com/support/docview.wss?uid=swg21662714
https://exchange.xforce.ibmcloud.com/vulnerabilities/90585
http://osvdb.org/102766
http://www-01.ibm.com/support/docview.wss?uid=swg21662714
https://exchange.xforce.ibmcloud.com/vulnerabilities/90585