TIBCO Silver Mobile vulnerability

   Original release date: May 08, 2013
   Last revised: --
   Source: TIBCO Software Inc.


Systems Affected

   TIBCO Silver Mobile version 1.1.0

   The following components are affected:

     * TIBCO Silver Mobile Server


Description

   The TIBCO Silver Mobile component listed above will fail to properly enforce
   administrator privileges in some circumstances.  This may allow unprivileged
   users to execute arbitrary commands with administrator privileges.

   TIBCO has released an update which addresses this issue.  TIBCO strongly
   recommends sites running the affected components to install the update.


Impact

   The impact of this vulnerability may include information disclosure,
   modification or deletion.


Solution

   Upgrade TIBCO Silver Mobile to version 1.1.1 or above.


References

   http://www.tibco.com/mk/advisory.jsp
   CVE: CVE-2013-3315