1. CVE-Search
  2. CVE-2018-18810
ID CVE-2018-18810
Summary The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center: versions up to and including 7.3.2; 8.0.0; 8.0.1; 8.0.2; 8.1.0, and TIBCO Managed File Transfer Internet Server: versions up to and including 7.3.2; 8.0.0; 8.0.1; 8.0.2; 8.1.0.
References
Vulnerable Configurations
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:6.7:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:7.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:7.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_command_center:8.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_command_center:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:6.7:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:managed_file_transfer_internet_server:8.1.0:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
refmap via4
confirm https://www.tibco.com/support/advisories/2018/12/tibco-security-advisory-december-11-2018-tibco-managed-file-transfer
misc http://www.tibco.com/services/support/advisories
Last major update 24-08-2020 - 17:37
Published 11-12-2018 - 19:29
Last modified 24-08-2020 - 17:37
Back to Top