Medium Severity

IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026)

Jan 22, 2019 9:01 am EDT

Categorized: Medium Severity

Share this post:

IBM Financial Transaction Manager for Corporate Payment Services (FTM CPS) for Multi-Platform has addressed the following vulnerability. A potential directory listing vulnerability could allow an authenticated user to obtain a directory listing of internal product files.

CVE(s): CVE-2018-2026

Affected product(s) and affected version(s):

FTM CPS v3.2.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10795544
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155552


Previous Post

IBM Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026)

Next Post

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager
More stories

IBM Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by information disclosure vulnerability (CVE-2019-6157)

Apr 25, 2019 9:02 am EDT | Medium Severity

IBM Integrated Management Module II (IMM2) has addressed the following information disclosure vulnerability. CVE(s): CVE-2019-6157 Affected product(s) and affected version(s): Product Affected Version IBM Integrated Management Module II (IMM2) for System x & Flex Systems 1AOO IBM Integrated Management Module II (IMM2) for BladeCenter Systems 1AOO Refer to the following reference URLs for remediation and ...read more

IBM Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2019-4047)

Apr 25, 2019 9:02 am EDT | Medium Severity

There is a security vulnerability in the Lifecycle Query Engine (LQE) shipped with Jazz Reporting Service. CVE(s): CVE-2019-4047 Affected product(s) and affected version(s): Jazz Reporting Service 6.0.6. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10882262X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156243 ...read more

IBM Security Bulletin: Security vulnerability affects the Report Builder that is shipped with Jazz Reporting Service (CVE-2018-2004)

Apr 25, 2019 9:02 am EDT | Medium Severity

There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service. CVE(s): CVE-2018-2004 Affected product(s) and affected version(s): Jazz Reporting Service 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5 and 6.0.6. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10882260X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155006 ...read more