Improper Authorization Checks in IBM Financial Transaction Manager 3.2.4 Allow Unauthorized Access to Technical Information

Improper Authorization Checks in IBM Financial Transaction Manager 3.2.4 Allow Unauthorized Access to Technical Information

CVE-2022-43872 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708.

Learn more about our Cis Benchmark Audit For Ibm I.