Vulnerabilities > Tibco > Managed File Transfer Command Center > 6.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-30 | CVE-2020-9414 | Cross-site Scripting vulnerability in Tibco products The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions to obtain the session identifier of another user. | 8.8 |
2020-06-30 | CVE-2020-9413 | Cross-site Scripting vulnerability in Tibco products The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an attacker to craft an URL that will execute arbitrary commands on the affected system. | 9.6 |
2018-12-11 | CVE-2018-18810 | Unspecified vulnerability in Tibco products The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems. | 4.0 |
2015-09-29 | CVE-2015-5711 | Information Exposure vulnerability in Tibco products TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center before 7.2.5, Slingshot before 1.9.4, and Vault before 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request. | 4.0 |
2014-11-21 | CVE-2014-7194 | Permissions, Privileges, and Access Controls vulnerability in Tibco products TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File Transfer Command Center before 7.2.4, Slingshot before 1.9.3, and Vault before 1.1.1 allow remote attackers to obtain sensitive information or modify data by leveraging agent access. | 6.4 |
2014-04-30 | CVE-2014-2545 | Information Exposure vulnerability in Tibco products TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request. | 5.0 |
2011-09-19 | CVE-2011-3424 | Cross-Site Scripting vulnerability in Tibco products Session fixation vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to hijack web sessions via unspecified vectors. network tibco | 4.3 |
2011-09-19 | CVE-2011-3423 | Cross-Site Scripting vulnerability in Tibco products Cross-site scripting (XSS) vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |