Vulnerabilities > Tibco > Activespaces

DATE CVE VULNERABILITY TITLE RISK
2021-10-05 CVE-2021-35497 Improper Certificate Validation vulnerability in Tibco Activespaces, Eftl and FTL
The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, TIBCO ActiveSpaces - Enterprise Edition, TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contain a vulnerability that theoretically allows a non-administrative, authenticated FTL user to trick the affected components into creating illegitimate certificates.
network
tibco CWE-295
6.0
6.0
2021-03-23 CVE-2021-28824 Incorrect Authorization vulnerability in Tibco Activespaces
The Windows Installation component of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-863
8.8
8.8
2018-11-06 CVE-2018-12411 Cross-Site Request Forgery (CSRF) vulnerability in Tibco Activespaces
The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.
network
tibco CWE-352
6.8
6.8