TIBCO Managed File Transfer vulnerabilities Original release date: October 29, 2014 Last revised: -- Source: TIBCO Software Inc. Systems Affected TIBCO Managed File Transfer Internet Server 7.2.3 and earlier TIBCO Managed File Transfer Command Center 7.2.3 and earlier TIBCO Slingshot 1.9.2 and earlier TIBCO Vault 1.1.0 The following components are affected: * TIBCO Managed File Transfer engine * TIBCO Slingshot server * TIBCO Vault server Description The TIBCO Managed File Transfer components listed above contain a critical vulnerability that may allow an agent to gain privileges and assume an identity. TIBCO has released updated versions of the affected software products which address these issues. TIBCO strongly recommends sites running the affected components install the applicable update as described below. Impact The impact of these vulnerabilities may include information disclosure or information modification Solution For each affected system, update to the corresponding software versions: TIBCO Managed File Transfer Internet Server 7.2.4 or later TIBCO Managed File Transfer Command Center 7.2.4 or later TIBCO Slingshot 1.9.3 or later TIBCO Vault 1.1.1 or later References http://www.tibco.com/mk/advisory.jsp CVE: CVE-2014-7194