PT-2022-11769 · Tibco · Tibco Eftl - Developer Edition+2

Published

2022-01-11

Updated

2022-07-12

CVE-2021-43055

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TIBCO eFTL - Community Edition versions 6.7.2 and below TIBCO eFTL - Developer Edition versions 6.7.2 and below TIBCO eFTL - Enterprise Edition versions 6.7.2 and below

Description The eFTL Server component contains an easily exploitable issue that allows clients to inherit the permissions of the client that initially connected on the affected system.

Recommendations For TIBCO eFTL - Community Edition versions 6.7.2 and below, update to a version above 6.7.2. For TIBCO eFTL - Developer Edition versions 6.7.2 and below, update to a version above 6.7.2. For TIBCO eFTL - Enterprise Edition versions 6.7.2 and below, update to a version above 6.7.2.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-43055

Affected Products

Tibco Eftl - Community Edition

Tibco Eftl - Developer Edition

Tibco Ftl - Enterprise Edition

PT-2022-11769 · Tibco · Tibco Eftl - Developer Edition+2

CVE-2021-43055

Related Identifiers

Affected Products

References · 6