CVE-2016-3060

EUVD-2016-4133
Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.7 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
ibmfinancial_transaction_manager
3.0.0.0
ibmfinancial_transaction_manager
3.0.0.1
ibmfinancial_transaction_manager
3.0.0.2
ibmfinancial_transaction_manager
3.0.0.3
ibmfinancial_transaction_manager
3.0.0.4
ibmfinancial_transaction_manager
3.0.0.5
ibmfinancial_transaction_manager
3.0.0.6
ibmfinancial_transaction_manager
3.0.0.7
ibmfinancial_transaction_manager
3.0.0.8
ibmfinancial_transaction_manager
3.0.0.9
ibmfinancial_transaction_manager
3.0.0.10
ibmfinancial_transaction_manager
3.0.0.11
ibmfinancial_transaction_manager
3.0.0.12
ibmfinancial_transaction_manager
3.0.0.13
ibmfinancial_transaction_manager
3.0.0.14
ibmfinancial_transaction_manager
3.0.0.0
ibmfinancial_transaction_manager
3.0.0.1
ibmfinancial_transaction_manager
3.0.0.2
ibmfinancial_transaction_manager
3.0.0.3
ibmfinancial_transaction_manager
3.0.0.4
ibmfinancial_transaction_manager
3.0.0.5
ibmfinancial_transaction_manager
3.0.0.6
ibmfinancial_transaction_manager
3.0.0.7
ibmfinancial_transaction_manager
3.0.0.8
ibmfinancial_transaction_manager
3.0.0.9
ibmfinancial_transaction_manager
3.0.0.10
ibmfinancial_transaction_manager
3.0.0.11
ibmfinancial_transaction_manager
3.0.0.12
ibmfinancial_transaction_manager
3.0.0.13
ibmfinancial_transaction_manager
3.0.0.14
ibmfinancial_transaction_manager
3.0.1.0
ibmfinancial_transaction_manager
3.0.0.0
ibmfinancial_transaction_manager
3.0.0.1
ibmfinancial_transaction_manager
3.0.0.2
ibmfinancial_transaction_manager
3.0.0.3
ibmfinancial_transaction_manager
3.0.0.4
ibmfinancial_transaction_manager
3.0.0.5
ibmfinancial_transaction_manager
3.0.0.6
ibmfinancial_transaction_manager
3.0.0.7
ibmfinancial_transaction_manager
3.0.0.8
ibmfinancial_transaction_manager
3.0.0.9
ibmfinancial_transaction_manager
3.0.0.10
ibmfinancial_transaction_manager
3.0.0.11
ibmfinancial_transaction_manager
3.0.0.12
ibmfinancial_transaction_manager
3.0.0.13
ibmfinancial_transaction_manager
3.0.0.14
ibmfinancial_transaction_manager
3.0.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64064
http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537
http://www-01.ibm.com/support/docview.wss?uid=swg21989060
http://www.securityfocus.com/bid/92633
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063
http://www-01.ibm.com/support/docview.wss?uid=swg1PI64064
http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537
http://www-01.ibm.com/support/docview.wss?uid=swg21989060
http://www.securityfocus.com/bid/92633