7.0.0

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

tibco

critical

NVD

Published: 2017-12-13

Updated: 2019-10-09

Summary

The tibbr user profiles components of tibbr Community, and tibbr Enterprise expose a weakness in an improperly sandboxed third-party component. Affected releases are TIBCO Software Inc. tibbr Community 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0, tibbr Enterprise 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0.

Vulnerable Configurations

Part	Description	Count
Application	Tibco Tibco Tibbr * Tibco Tibbr 6.0.0 Tibco Tibbr 6.0.1 Tibco Tibbr 7.0.0	8

References

https://www.tibco.com/support/advisories/2017/12/tibco-security-advisory-december-12-2017-tibbr-2017-5534