PT-2018-8253 · Tibco · Tibco Datasynapse Gridserver Manager

Published

2018-05-01

Updated

2019-10-09

CVE-2017-5535

CVSS v3.1

6.8

Medium

Vector

AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: TIBCO DataSynapse GridServer Manager versions up to and including 6.2.0

Description: The issue is related to the improper use of encryption mechanisms and the use of weak ciphers in the GridServer Broker, GridServer Driver, and GridServer Engine components. This could allow a malicious actor to compromise the traffic between any of the components.

Recommendations: For versions up to and including 6.2.0, update to a version that addresses the improper use of encryption mechanisms and the use of weak ciphers to prevent potential traffic compromise.

Fix

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-326

Related Identifiers

CVE-2017-5535

Affected Products

Tibco Datasynapse Gridserver Manager

PT-2018-8253 · Tibco · Tibco Datasynapse Gridserver Manager

CVE-2017-5535

Weakness Enumeration

Related Identifiers

Affected Products

References · 3