TIBCO FTL Escalation Of Privileges for Realm Configuration
CVE-2019-11209

8.8HIGH

Key Information:

Vendor
Tibco
Status
Tibco Ftl Community Edition
Tibco Ftl Developer Edition
Tibco Ftl Enterprise Edition
Vendor
CVE Published:
20 August 2019

Summary

The realm configuration component of TIBCO Software Inc.'s TIBCO FTL Community Edition, TIBCO FTL Developer Edition, TIBCO FTL Enterprise Edition contains a vulnerability that theoretically fails to properly enforce access controls. This issue affects TIBCO FTL Community Edition 6.0.0; 6.0.1; 6.1.0, TIBCO FTL Developer Edition 6.0.1; 6.1.0, and TIBCO FTL Enterprise Edition 6.0.0; 6.0.1; 6.1.0.

Affected Version(s)

TIBCO FTL Community Edition 6.0.0

TIBCO FTL Community Edition 6.0.1

TIBCO FTL Community Edition 6.1.0

References

http://www.tibco.com/services/support/advisories
x_refsource_CONFIRM
https://www.tibco.com/support/advisories/2019/08/tibco-se...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.