Information Disclosure Vulnerability in TIBCO Managed File Transfer and Slingshot

CVE-2014-2545

Summary

An information disclosure vulnerability exists in TIBCO's Managed File Transfer products, including the Internet Server and Command Center, as well as Slingshot and Vault. This flaw allows remote attackers to exploit crafted HTTP requests to extract sensitive information from these versions, posing a risk to the security of data handled by the affected products. Organizations should take immediate actions to upgrade to the latest versions to mitigate exposure to this vulnerability.

References