PT-2019-12181 · Tibco · Tibco Activematrix Bpm Distribution For Tibco Silver Fabric+2
Publicado
2019-04-24
·
Atualizado
2021-11-06
·
CVE-2019-11203
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TIBCO ActiveMatrix BPM versions up to and including 4.2.0
TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric versions up to and including 4.2.0
TIBCO Silver Fabric Enabler for ActiveMatrix BPM versions up to and including 1.4.1
Description
The issue affects the workspace client, openspace client, app development client, and REST API of the mentioned TIBCO products, involving cross-site scripting (XSS) and cross-site request forgery vulnerabilities.
Recommendations
For TIBCO ActiveMatrix BPM versions up to and including 4.2.0, update to a version later than 4.2.0.
For TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric versions up to and including 4.2.0, update to a version later than 4.2.0.
For TIBCO Silver Fabric Enabler for ActiveMatrix BPM versions up to and including 1.4.1, update to a version later than 1.4.1.
Correção
CSRF
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Tibco Activematrix Bpm
Tibco Activematrix Bpm Distribution For Tibco Silver Fabric
Tibco Silver Fabric Enabler For Activematrix Bpm