Vulnerability CVE-2015-5711


Published: 2015-09-29

Description:
TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center before 7.2.5, Slingshot before 1.9.4, and Vault before 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request.

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Tibco -> Managed file transfer command center 
Tibco -> Managed file transfer internet server 
Tibco -> Slingshot 
Tibco -> Vault 

 References:
http://www.securitytracker.com/id/1033678
http://www.tibco.com/assets/blt423f06fbac6ee0c6/2015-003-advisory.txt
http://www.tibco.com/mk/advisory.jsp

Copyright 2020, cxsecurity.com

 

Back to Top