Security Advisory regarding TIBCO Active Matrix BusinessWorks
Article ID: KB0137661
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks | 5.16.1 only |
Description
TIBCO ActiveMatrix BusinessWorks SQL Injection Vulnerability
Original release date: May 14, 2025
Last revised: ---
CVE-2025-3751
Source: TIBCO Software Inc.
The component listed above contains a vulnerability that can be exploited by an attacker to perform a SQL Injection attack. This could lead to unauthorized access to the database and exposure of sensitive information
Original release date: May 14, 2025
Last revised: ---
CVE-2025-3751
Source: TIBCO Software Inc.
Description:
The component listed above contains a vulnerability that can be exploited by an attacker to perform a SQL Injection attack. This could lead to unauthorized access to the database and exposure of sensitive information
Impact:
This vulnerability could allow an attacker to manipulate the system with the same privileges as the logged-in user, potentially leading to unauthorized database access and exposure of sensitive information.
CVSS v4 Base Score: 7 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
CVSS v4 Base Score: 7 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
Environment
Products Affected
- TIBCO ActiveMatrix BusinessWorks version 5.16.1
Component Affected
- UDDI Plugin “TIBCO Administrator”
Resolution
TIBCO has released updated versions of the affected systems which address this issue
- TIBCO ActiveMatrix BusinessWorks 5.16.1 HF-01
Issue/Introduction
Security Advisory regarding TIBCO ActiveMatrix BusinessWorks SQL Injection Vulnerability
Additional Information
https://community.tibco.com/advisories
CVE-2025-3751
Feedback
Yes
No
Powered by
