Vulnerabilities for Administrator (...) - CXSECURITY.COM

Vulnerabilities for 'Administrator'

2021-04-20

CVE-2021-28829

CWE-74

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a persistent CSV injection attack from the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.10.2 and below, and TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.11.0 and 5.11.1.

CVE-2021-28828

CWE-89

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a SQL injection attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.10.2 and below, and TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.11.0 and 5.11.1.

CVE-2021-28827

CWE-79

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, TIBCO Administrator - Enterprise Edition for z/Linux, TIBCO Runtime Agent, TIBCO Runtime Agent, TIBCO Runtime Agent for z/Linux, and TIBCO Runtime Agent for z/Linux contains an easily exploitable vulnerability that allows an unauthenticated attacker to social engineer a legitimate user with network access to execute a Stored XSS attack targeting the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.11.0 and 5.11.1, TIBCO Runtime Agent: versions 5.10.2 and below, TIBCO Runtime Agent: versions 5.11.0 and 5.11.1, TIBCO Runtime Agent for z/Linux: versions 5.10.2 and below, and TIBCO Runtime Agent for z/Linux: versions 5.11.0 and 5.11.1.

2018-06-13

CVE-2018-5433

CWE-611

The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion (XXE) attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions up to and including 5.10.0, and TIBCO Administrator - Enterprise Edition for z/Linux: versions up to and including 5.9.1.

CVE-2018-5432

CWE-79

The TIBCO Administrator server component of of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains multiple vulnerabilities wherein a malicious user could theoretically perform cross-site scripting (XSS) attacks by way of manipulating artifacts prior to uploading them. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions up to and including 5.10.0, and TIBCO Administrator - Enterprise Edition for z/Linux: versions up to and including 5.9.1.

2010-02-25

CVE-2010-0683

CWE-noinfo

Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials.

>>> Vendor: Tibco 142 Products

Hawk monitoring agent

Enterprise message service

Smartsockets rtserver

Adapter files z os

Iprocess engine

Rendezvous datasecurity

Substantiation es

Mainframe service tracker

Administrator

Activematrix businessworks service engine

Activematrix service bus

Activematrix service grid

Activematrix service performance manager

Activematrix bpm

Silver bpm service

Silver cap service

Collaborative information manager

Silver businessworks service

Iprocess workspace

Spotfire analytics server

Spotfire server

Managed file transfer command center

Managed file transfer internet server

Activematrix businessworks

Silver fabric activematrix service grid distribution

Spotfire professional

Web player automation services

Spotfire statistics services

Spotfire web player

Enterprise administrator

Enterprise administrator sdk

Messaging appliance

Automation services

Silver fabric enabler

Spotfire deployment kit

Activematrix management agent

Activematrix policy agent

Activematrix policy manager

Silver fabric enabler for spotfire webplayer

Spotfire analyst

Spotfire analytics platform for aws

Spotfire automation services

Spotfire desktop

Spotfire desktop language packs

Rendezvous network server

Enterprise message service appliance

Enterprise message service appliance firmware

Jasperreports server community edition

Jasperreports server for activematrix bpm

Jasperreports server

Jaspersoft for aws with multitenancy

Jaspersoft reporting and analytics for aws

Jasperreports library community edition

Jaspersoft studio for activematrix bpm

Jasperreports professional

Jaspersoft for aws with multi-tenancy

Jasperreports library for activematrix bpm

Jasperreports library

Jaspersoft reporting and analytics

Jaspersoft studio

Businessworks process monitor

Datasynapse gridserver manager

Data virtualization

Silver fabric enabler for spotfire web player

Spotfire connectors

Spotfire client

Spotfire web player client

Activematrix businessworks distribution for tibco silver fabric

Statistica server

Messaging - apache kafka distribution - schema repository

Rendezvous for z/linux

Rendezvous for z/os

Data science for aws

Spotfire data science

Activematrix business process management

Activematrix policy director

See all Products for Vendor Tibco

Copyright 2024, cxsecurity.com