Vulnerabilities > Tibco > Activespaces > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-05 | CVE-2021-35497 | Improper Certificate Validation vulnerability in Tibco Activespaces, Eftl and FTL The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, TIBCO ActiveSpaces - Enterprise Edition, TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contain a vulnerability that theoretically allows a non-administrative, authenticated FTL user to trick the affected components into creating illegitimate certificates. | 6.0 |
| 2018-11-06 | CVE-2018-12411 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco Activespaces The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. | 6.8 |