ID CVE-2018-5433
Summary The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion (XXE) attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions up to and including 5.10.0, and TIBCO Administrator - Enterprise Edition for z/Linux: versions up to and including 5.9.1.
References
Vulnerable Configurations
  • cpe:2.3:a:tibco:administrator:5.9.1:-:-:-:enterprise:-:linux_kernel
    cpe:2.3:a:tibco:administrator:5.9.1:-:-:-:enterprise:-:linux_kernel
  • cpe:2.3:a:tibco:administrator:5.10.0:-:-:-:enterprise
    cpe:2.3:a:tibco:administrator:5.10.0:-:-:-:enterprise
CVSS
Base: 6.8
Impact:
Exploitability:
CWE CWE-611
CAPEC
refmap via4
bid 104451
confirm https://www.tibco.com/support/advisories/2018/06/security-advisory-june-12-2018-tibco-administrator-enterprise-edition-2018-5433
Last major update 13-06-2018 - 09:29
Published 13-06-2018 - 09:29
Last modified 11-08-2018 - 13:53
Back to Top