PT-2021-23736 · Tibco Software · Tibco Partnerexpress

Published 2021-11-16 · Updated 2021-11-19 · CVE-2021-43048

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

TIBCO PartnerExpress versions 6.2.1 and below

Description

The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. A successful attack using this vulnerability does not require human interaction from a person other than the attacker.

Recommendations

For versions 6.2.1 and below, consider disabling the affected components, specifically the Interior Server and Gateway Server, until a patch or fix is available to prevent potential clickjacking attacks. Restrict network access to minimize the risk of exploitation.

Fix

Clickjacking

Weakness Enumeration

Related Identifiers

CVE-2021-43048

Affected Products

Tibco Partnerexpress