Security Advisory Regarding TIBCO EBX
Article ID: KB0108027
Updated On:
| Products | Versions |
|---|---|
| TIBCO EBX | 5.9.12 and below |
Description
TIBCO EBX Cross Site Scripting (XSS)
Original release date: January 26, 2021
Last revised: ---
Source: TIBCO Software Inc.
Description
The component listed above contains a vulnerability that theoretically allows
a low privileged attacker with network access to execute a Stored Cross Site
Scripting (XSS) attack on the affected system.
Impact
The impact of these vulnerabilities include the possibility that an attacker
would gain full administrative access to the web interface of the affected
component.
CVSS v3 Base Score: 8.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
Original release date: January 26, 2021
Last revised: ---
Source: TIBCO Software Inc.
Description
The component listed above contains a vulnerability that theoretically allows
a low privileged attacker with network access to execute a Stored Cross Site
Scripting (XSS) attack on the affected system.
Impact
The impact of these vulnerabilities include the possibility that an attacker
would gain full administrative access to the web interface of the affected
component.
CVSS v3 Base Score: 8.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
Issue/Introduction
Security Advisory Regarding TIBCO EBX Cross Site Scripting (XSS)
Environment
Systems Affected
TIBCO EBX versions 5.9.12 and below
The following component is affected:
* TIBCO EBX Web Server
Resolution
TIBCO has released updated versions of the affected systems which address this
issue:
TIBCO EBX versions 5.9.12 and below update to version 5.9.13 or higher
Additional Information
http://www.tibco.com/services/support/advisories
CVE-2021-23271
CVE-2021-23271
Feedback
Yes
No
Powered by
