CVE-2011-2021

EUVD-2011-2015
Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Affected Products (NVD)
VendorProductVersion
tibcoiprocess_engine
𝑥
≤ 11.1.2
tibcoiprocess_engine
10.3.0
tibcoiprocess_engine
10.3.1
tibcoiprocess_engine
10.3.2
tibcoiprocess_engine
10.3.3
tibcoiprocess_engine
10.3.4
tibcoiprocess_engine
10.3.5
tibcoiprocess_engine
10.4
tibcoiprocess_engine
10.4.1
tibcoiprocess_engine
10.5
tibcoiprocess_engine
10.6
tibcoiprocess_engine
10.6.0
tibcoiprocess_engine
10.6.1
tibcoiprocess_engine
10.6.2
tibcoiprocess_engine
11.0
tibcoiprocess_engine
11.1.1
tibcoiprocess_workspace
𝑥
≤ 11.3
tibcoiprocess_workspace
11.0
tibcoiprocess_workspace
11.1
tibcoiprocess_workspace
11.2
𝑥
= Vulnerable software versions
References
http://osvdb.org/72554
http://secunia.com/advisories/44639
http://www.securityfocus.com/bid/47921
http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt
http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp
http://www.vupen.com/english/advisories/2011/1272
https://exchange.xforce.ibmcloud.com/vulnerabilities/67538
http://osvdb.org/72554
http://secunia.com/advisories/44639
http://www.securityfocus.com/bid/47921
http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt
http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp
http://www.vupen.com/english/advisories/2011/1272
https://exchange.xforce.ibmcloud.com/vulnerabilities/67538