PT-2020-4418 · Tibco · Tibco Managed File Transfer Platform Server

Published: 2020-06-09 · Updated: 2021-07-21 · CVE-2020-9412

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
TIBCO Managed File Transfer Platform Server for IBM i versions 7.1.0 and below
TIBCO Managed File Transfer Platform Server for IBM i version 8.0.0
Description: The issue is related to insufficient input validation in the file transfer component of the TIBCO Managed File Transfer Platform Server. This could potentially allow a remote attacker to execute arbitrary code. The vulnerability may also allow the execution of arbitrary commands at the privilege level of the affected system following a failed file transfer.
Recommendations: For TIBCO Managed File Transfer Platform Server for IBM i versions 7.1.0 and below, update to a version above 7.1.0 to resolve the issue. For TIBCO Managed File Transfer Platform Server for IBM i version 8.0.0, consider disabling the file transfer component until a patch is available. As a temporary workaround, restrict access to the file transfer component to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2020-04946
CVE-2020-9412

Affected Products

Tibco Managed File Transfer Platform Server