CVE-2016-0231

low-risk
Published 2016-02-15

IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs.

Do I need to act?

-
0.34% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.3/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Ibm

References (14)

http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56758
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56759
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56762
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56763
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56764
Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21976392
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56758
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56759
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56762
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56763
http://www-01.ibm.com/support/docview.wss?uid=swg1PI56764
Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21976392
24
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal