CVE-2017-5531 - Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed

CVE-2017-5531

Summary

Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain administrative control of Managed File Transfer web applications.

References

Vulnerable Configurations

cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.0.1:*:*:*:*:*:*:*

CVSS

Base:	6.5 (as of 09-10-2019 - 23:28)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:P/A:P

refmap via4

bid	101545
confirm	https://www.tibco.com/support/advisories/2017/10/tibco-security-advisory-october-17-2017-tibco-managed-file-transfer
misc	http://www.tibco.com/services/support/advisories

Last major update

09-10-2019 - 23:28

Published

17-10-2017 - 20:29

Last modified

09-10-2019 - 23:28