IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Force ID: 122293.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm financial transaction manager 3.0.2.0 |
||
ibm financial transaction manager 3.0.1.0 |