TIBCO Position on SolarWinds Malware Attack

TIBCO Position on SolarWinds Malware Attack

book

Article ID: KB0108025

calendar_today

Updated On:

Products

All Products

Description

As you may have heard, SolarWinds, a network monitoring and management ISV, has experienced a highly sophisticated, manual supply chain attack on its SolarWinds® Orion® Platform. On December 13, 2020, SolarWinds published an announcement stating that their Orion Platform had been tainted with malware. The affected versions were Orion update versions 2019.4 through 2020.2.1, released between March 2020 and June 2020.

TIBCO immediately launched an investigation into its use of the SolarWinds® Orion® Platform.  Our investigation has determined that no affected versions of the SolarWinds® Orion® Platform are in use at TIBCO.   This notice has also been published on the TIBCO website at https://www.tibco.com/support/notices/2020/12/solarwinds-customer-notice.

TIBCO completed the acquisition of Information Builders (IBI) on 05 January 2021. TIBCO has confirmed that IBI does not currently, nor has it ever used the SolarWinds® Orion® Platform.  Therefore IBI was not impacted by the SolarWinds vulnerabilities and malware pre or post acquisition. 

If you have any questions, please open a case with TIBCO Support and reference “SolarWinds”. 

Issue/Introduction

No affected versions of the SolarWinds® Orion® Platform are in use at TIBCO

Environment

All products and all TIBCO SaaS offerings, including, but not limited to TIBCO Cloud, Mashery, Reward, and Scribe