PT-2018-16948 · Tibco · Tibco Data Virtualization

Published

2018-06-20

Updated

2019-10-09

CVE-2018-5428

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions TIBCO Data Virtualization versions 7.0.5 through 7.0.6

Description The issue in TIBCO Data Virtualization may allow for arbitrary command execution due to vulnerabilities in the version control adapters component.

Recommendations For versions 7.0.5 and 7.0.6, update to a version that contains a fix for this issue to prevent arbitrary command execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2018-5428

Affected Products

Tibco Data Virtualization

PT-2018-16948 · Tibco · Tibco Data Virtualization

CVE-2018-5428

Weakness Enumeration

Related Identifiers

Affected Products

References · 4