Medium Severity

Security Bulletin: Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential caching vulnerability (CVE-2020-5003

Share this post:

Potential web serivces XML Enternal Entity Injection (XXE) attack.

CVE(s): CVE-2020-5003

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Financial Transaction Manager for Corporate Payment Services for MP 3.2.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6462861
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192956

More stories

Security Bulletin: IBM i2 Analyst's Notebook Premium has an information disclosure vulnerability (CVE-2021-29784)

Jul 23, 2021 8:20 pm EDT | Medium Severity

More information than is necessary is sometimes displayed in i2 Analyst's Notebook Premium error dialogs. ...read more


Security Bulletin: IBM QRadar SIEM uses weaker than expected cryptographic algorithms (CVE-2021-20337)

Jul 23, 2021 8:17 pm EDT | Medium Severity

IBM QRadar SIEM uses weaker than expected cryptographic algorithms ...read more


Security Bulletin: IBM i2 Analyze has an information disclosure vulnerability (CVE-2021-20430)

Jul 23, 2021 8:15 pm EDT | Medium Severity

i2 Analyze communcated unnecessary information (Liberty default landnig page) with an unmodified deployment. ...read more