CVE-2023-35892

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Sep 5, 2023

Updated: Sep 8, 2023

CWE ID 611

Summary

CVE-2023-35892: IBM Financial Transaction Manager for SWIFT Services 3.2.4 contains a vulnerability that allows for XML External Entity Injection (XXE) attacks. This issue arises during the processing of XML data, posing a risk for remote attackers to access sensitive information or exhaust memory resources. IBM has identified this issue with an X-Force ID of 258786.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Financial Transaction Manager

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/shsUuO
https://www.cve.org/CVERecord?id=CVE-2023-35892
https://nvd.nist.gov/vuln/detail/CVE-2023-35892

Back to Vulnerability Database