CVE-2011-2021

Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
tibcoiprocess_engine
𝑥
≤ 11.1.2
tibcoiprocess_engine
10.3.0
tibcoiprocess_engine
10.3.1
tibcoiprocess_engine
10.3.2
tibcoiprocess_engine
10.3.3
tibcoiprocess_engine
10.3.4
tibcoiprocess_engine
10.3.5
tibcoiprocess_engine
10.4
tibcoiprocess_engine
10.4.1
tibcoiprocess_engine
10.5
tibcoiprocess_engine
10.6
tibcoiprocess_engine
10.6.0
tibcoiprocess_engine
10.6.1
tibcoiprocess_engine
10.6.2
tibcoiprocess_engine
11.0
tibcoiprocess_engine
11.1.1
tibcoiprocess_workspace
𝑥
≤ 11.3
tibcoiprocess_workspace
11.0
tibcoiprocess_workspace
11.1
tibcoiprocess_workspace
11.2
𝑥
= Vulnerable software versions
References
http://osvdb.org/72554
http://secunia.com/advisories/44639
http://www.securityfocus.com/bid/47921
http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt
http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp
http://www.vupen.com/english/advisories/2011/1272
https://exchange.xforce.ibmcloud.com/vulnerabilities/67538
http://osvdb.org/72554
http://secunia.com/advisories/44639
http://www.securityfocus.com/bid/47921
http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt
http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp
http://www.vupen.com/english/advisories/2011/1272
https://exchange.xforce.ibmcloud.com/vulnerabilities/67538