Security Advisory Regarding TIBCO FTL

Article ID: KB0107930

Product: TIBCO FTL
Versions: 6.10.1 and below

Description

TIBCO FTL Privilege Escalation

  Original release date: March 12, 2024
  Last revised: ---
  Source: TIBCO Software Inc.

Description

  The component listed above contains a vulnerability that allows a
  low-privileged attacker with network access to escalate privileges on the
  affected ftlserver.


Impact

  Successful exploitation of this vulnerability may result in an authenticated
  but unprivileged user arbitrarily reconfiguring FTL clients attached to the
  same ftlserver.

  CVSS v3.1 Base Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Environment

  Products Affected

  TIBCO FTL - Enterprise Edition versions 6.10.1 and below

  The following component is affected:

    * FTL Server

Resolution

  TIBCO has released updated versions of the affected systems which address this
  issue:

  TIBCO FTL - Enterprise Edition versions 6.10.1 and below: update to version
    6.10.2 or later
 

Issue/Introduction

Security Advisory Regarding TIBCO FTL Privilege Escalation

Additional Information

https://community.tibco.com/advisories
CVE-2024-1138