IBM Financial Transaction Manager for SWIFT Services for Multiplatforms denial of service
Description
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Financial Transaction Manager for SWIFT Services 3.2.4 allows authenticated users to lock RM authorizations, causing a denial of service.
Vulnerability
In IBM Financial Transaction Manager for SWIFT Services for Multiplatforms version 3.2.4, an authenticated user can lock additional RM (Resource Manager) authorizations, leading to a denial of service when displaying or managing these authorizations [1]. The vulnerability is triggered through a specific HTTP request that fails to properly validate authorization boundaries.
Exploitation
An attacker must be an authenticated user with local access to the system (CVSS vector AV:L). No special privileges or user interaction are required. The attacker can send crafted requests to the affected component, locking RM authorizations and preventing legitimate display or management operations.
Impact
Successful exploitation results in a denial of service on the authorization management functionality. The confidentiality and integrity of the system are not affected, but availability is severely impacted (CVSS A:H) [1].
Mitigation
As of the advisory publication date (2022-12-20), no fix or workaround has been provided. Users are advised to contact IBM support for further assistance. The affected version is 3.2.4; upgrading to a later version or applying a patch if available is recommended.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: =3.2.4
- Range: 3.2.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.ibm.com/support/pages/node/6848881mitrevendor-advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/240034mitrevdb-entry
News mentions
0No linked articles in our index yet.