Vulnerability Details CVE-2016-3060
Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.0%
CVSS Severity
CVSS v3 Score 5.7
CVSS v2 Score 3.5
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI64064
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537
- http://www-01.ibm.com/support/docview.wss?uid=swg21989060
- http://www.securityfocus.com/bid/92633
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI64064
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537
- http://www-01.ibm.com/support/docview.wss?uid=swg21989060
- http://www.securityfocus.com/bid/92633
Products affected by CVE-2016-3060
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.0
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.1
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.10
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.11
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.12
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.13
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.14
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.2
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.3
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.4
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.5
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.6
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.7
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.8
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.9
-
cpe:2.3:a:ibm:financial_transaction_manager:3.0.1.0