IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026)

Financial Transaction Manager for Corporate Payment Services for Multi-Platform (FTM CPS) has addressed the following vulnerability. A potential directory listing vulnerability could allow an authenticated user to obtain a directory listing of internal product files.

CVE(s): CVE-2018-2026

Affected product(s) and affected version(s):

FTM CPS v2.1.1.0 – 2.1.1.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10795546
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155552

The post IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2GGBmCe