CVE-2022-22772

Name of the Vulnerable Software and Affected Versions TIBCO Managed File Transfer Platform Server for UNIX versions 8.1.0 and below TIBCO Managed File Transfer Platform Server for z/Linux versions 8.1.0 and below

Description The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server contain a difficult to exploit Remote Code Execution (RCE) vulnerability. This allows a low privileged attacker with network access to execute arbitrary code on the affected system.

Recommendations For TIBCO Managed File Transfer Platform Server for UNIX versions 8.1.0 and below, consider disabling the cfsend, cfrecv, and CyberResp components until a patch is available. For TIBCO Managed File Transfer Platform Server for z/Linux versions 8.1.0 and below, consider disabling the cfsend, cfrecv, and CyberResp components until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.