CVE-2018-12414

Name of the Vulnerable Software and Affected Versions TIBCO Rendezvous versions up to and including 8.4.5 TIBCO Rendezvous Developer Edition versions up to and including 8.4.5 TIBCO Rendezvous for z/Linux versions up to and including 8.4.5 TIBCO Rendezvous for z/OS versions up to and including 8.4.5 TIBCO Rendezvous Network Server versions up to and including 1.1.2 TIBCO Substation ES versions up to and including 2.12.2

Description The vulnerability in the components of TIBCO Rendezvous may allow an attacker to perform cross-site request forgery (CSRF) attacks, potentially leading to unauthorized access to protected information.

Recommendations For TIBCO Rendezvous versions up to and including 8.4.5, update to a version later than 8.4.5. For TIBCO Rendezvous Developer Edition versions up to and including 8.4.5, update to a version later than 8.4.5. For TIBCO Rendezvous for z/Linux versions up to and including 8.4.5, update to a version later than 8.4.5. For TIBCO Rendezvous for z/OS versions up to and including 8.4.5, update to a version later than 8.4.5. For TIBCO Rendezvous Network Server versions up to and including 1.1.2, update to a version later than 1.1.2. For TIBCO Substation ES versions up to and including 2.12.2, update to a version later than 2.12.2.