CVE-2023-49880

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 25, 2023

Updated: Jan 3, 2024

Summary

CVE-2023-49880: In IBM Financial Transaction Manager for SWIFT Services 3.2.4, the assumption that the sending address and message type of FIN messages in the Message Entry and Repair (MER) facility are immutable poses a risk. An attacker can exploit this vulnerability to modify these business transaction elements, potentially disrupting financial transactions with significant consequences. IBM's X-Force has identified this issue with ID 273183.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Financial Transaction Manager

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/topPhU
https://www.cve.org/CVERecord?id=CVE-2023-49880
https://nvd.nist.gov/vuln/detail/CVE-2023-49880

Back to Vulnerability Database