CVE-2016-0275

low-risk
Published 2018-03-09

IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses.

Do I need to act?

-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.3/10 Low
LOCAL / LOW complexity

Affected Products (6)

Affected Vendors

Ibm

References (2)

Patch http://www-01.ibm.com/support/docview.wss?uid=swg21977245
Patch http://www-01.ibm.com/support/docview.wss?uid=swg21977245
26
/ 100
low-risk
Severity 13/34 · Low
Exploitability 0/34 · Minimal
Exposure 13/34 · Low