CVE-2017-5531

EUVD-2017-14634
Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain administrative control of Managed File Transfer web applications.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
tibcoCNA
8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/A:H/AC:L/AV:N/C:H/I:H/PR:L/S:U/UI:R
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
tibcomanaged_file_transfer_command_center
8.0.0
tibcomanaged_file_transfer_command_center
8.0.1
tibcomanaged_file_transfer_internet_server
8.0.0
tibcomanaged_file_transfer_internet_server
8.0.1
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/101545
http://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2017/10/tibco-security-advisory-october-17-2017-tibco-managed-file-transfer
http://www.securityfocus.com/bid/101545
http://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2017/10/tibco-security-advisory-october-17-2017-tibco-managed-file-transfer