PT-2021-17950 · Tibco Software · Tibco Administrator - Enterprise Edition Distribution For Tibco Silver Fabric

Published: 2021-04-20 · Updated: 2021-04-23 · CVE-2021-28829

CVSS v3.1: 8.0 High

Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
TIBCO Administrator - Enterprise Edition versions 5.11.1 and below
TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric versions 5.11.1 and below
TIBCO Administrator - Enterprise Edition for z/Linux versions 5.11.1 and below
Description: The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator contains a vulnerability that allows a low privileged attacker with network access to execute a persistent CSV injection attack from the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker.
Recommendations: For TIBCO Administrator - Enterprise Edition versions 5.11.1 and below, consider disabling access to the Administration GUI component until a patch is available. For TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric versions 5.11.1 and below, restrict access to the vulnerable component to minimize the risk of exploitation. For TIBCO Administrator - Enterprise Edition for z/Linux versions 5.11.1 and below, avoid using the affected system for sensitive operations until the issue is resolved.

Fix

Special Elements Injection

Weakness Enumeration

Related Identifiers

CVE-2021-28829

Affected Products

Tibco Administrator - Enterprise Edition
Tibco Administrator - Enterprise Edition Distribution For Tibco Silver Fabric
Tibco Administrator - Enterprise Edition For Z/Linux
Tibco Silver Fabric