CVE-2021-35500

Name of the Vulnerable Software and Affected Versions TIBCO Data Virtualization versions 8.5.0 and below TIBCO Data Virtualization for AWS Marketplace versions 8.5.0 and below

Description The Data Virtualization Server component of TIBCO Software Inc.'s TIBCO Data Virtualization contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to download arbitrary files outside of the scope of the user's permissions on the affected system.

Recommendations For TIBCO Data Virtualization versions 8.5.0 and below, consider restricting access to sensitive files and directories to minimize the risk of exploitation. For TIBCO Data Virtualization for AWS Marketplace versions 8.5.0 and below, consider restricting access to sensitive files and directories to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.