Severity
Medium
Analysis Summary
CVE-2022-43875 CVSS:6.2
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations.
CVE-2022-43872 CVSS:5.3
IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system.
Impact
- Denial of Service
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-43875
- CVE-2022-43872
Affected Vendors
IBM
Affected Products
- IBM Financial Transaction Manager 3.2.4
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.