Vulnerability CVE-2014-2545


Published: 2014-04-30

Description:
TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request.

Type:

CWE-200

(Information Exposure)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Tibco -> Managed file transfer command center 
Tibco -> Managed file transfer internet server 
Tibco -> Slingshot 
Tibco -> Vault 

 References:
http://www.tibco.com/multimedia/mft_advisory_20140429_tcm8-21013.txt
http://www.tibco.com/mk/advisory.jsp

Copyright 2020, cxsecurity.com

 

Back to Top