CVE-2017-5531

Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain administrative control of Managed File Transfer web applications.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
tibcoCNA
8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/A:H/AC:L/AV:N/C:H/I:H/PR:L/S:U/UI:R
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
tibcomanaged_file_transfer_command_center
8.0.0
tibcomanaged_file_transfer_command_center
8.0.1
tibcomanaged_file_transfer_internet_server
8.0.0
tibcomanaged_file_transfer_internet_server
8.0.1
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/101545
http://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2017/10/tibco-security-advisory-october-17-2017-tibco-managed-file-transfer
http://www.securityfocus.com/bid/101545
http://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2017/10/tibco-security-advisory-october-17-2017-tibco-managed-file-transfer