What is CVE-2021-39044?

CVE-2021-39044 is a vulnerability in IBM Financial Transaction Manager 3.2.4 that allows an attacker to execute malicious actions transmitted from a trusted user.

How severe is CVE-2021-39044?

CVE-2021-39044 has a severity rating of 8.8, which is considered high.

How does CVE-2021-39044 affect IBM Financial Transaction Manager?

CVE-2021-39044 affects IBM Financial Transaction Manager 3.2.4 by making it vulnerable to cross-site request forgery attacks.

How can an attacker exploit CVE-2021-39044?

An attacker can exploit CVE-2021-39044 by tricking a trusted user into performing malicious actions on behalf of the attacker.

Is there a fix for CVE-2021-39044?

Yes, IBM has provided a fix for CVE-2021-39044. It is recommended to update to the latest version of IBM Financial Transaction Manager.

Vulnerability/
CVE-2021-39044

high

8.8

CWE

352

31/1/2022

2/2/2022

17/9/2024

CVE-2021-39044: CSRF

First published: Mon Jan 31 2022(Updated: )

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 214210.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
Ibm Financial Transaction Manager	=3.2.4
	<=3.2.4

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6527892

Frequently Asked Questions

What is CVE-2021-39044?
CVE-2021-39044 is a vulnerability in IBM Financial Transaction Manager 3.2.4 that allows an attacker to execute malicious actions transmitted from a trusted user.
How severe is CVE-2021-39044?
CVE-2021-39044 has a severity rating of 8.8, which is considered high.
How does CVE-2021-39044 affect IBM Financial Transaction Manager?
CVE-2021-39044 affects IBM Financial Transaction Manager 3.2.4 by making it vulnerable to cross-site request forgery attacks.
How can an attacker exploit CVE-2021-39044?
An attacker can exploit CVE-2021-39044 by tricking a trusted user into performing malicious actions on behalf of the attacker.
Is there a fix for CVE-2021-39044?
Yes, IBM has provided a fix for CVE-2021-39044. It is recommended to update to the latest version of IBM Financial Transaction Manager.

agent/references
agent/type
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/softwarecombine
agent/tags
agent/event
collector/ibm-support
source/IBM
agent/software-canonical-lookup
vendor/ibm
canonical/ibm financial transaction manager
version/ibm financial transaction manager/3.2.4
canonical/ibm financial transaction manager for swift services for multiplatforms
version/ibm financial transaction manager for swift services for multiplatforms/3.2.4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.