Security Advisory Regarding TIBCO Data Virtualization

Security Advisory Regarding TIBCO Data Virtualization

book

Article ID: KB0107969

calendar_today

Updated On:

Products Versions
TIBCO Data Virtualization 8.5.2 and below

Description

TIBCO Data Virtualization Access Control Vulnerability

  Original release date: July 19, 2022
  Last revised: ---
  Source: TIBCO Software Inc.

Description

  The component listed above contains an easily exploitable vulnerability that
  allows a low privileged attacker with network access to obtain read access to
  application information on the affected system.


Impact

  Successful execution of this vulnerability can result in unauthorized read
  access to application information on the affected system.

  CVSS v3.1 Base Score: 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

Issue/Introduction

Security Advisory Regarding TIBCO Data Virtualization Access Control Vulnerability

Environment

Products Affected TIBCO Data Virtualization versions 8.5.2 and below TIBCO Data Virtualization for AWS Marketplace versions 8.5.2 and below The following component is affected: * Column Based Security

Resolution

Solution

  TIBCO has released updated versions of the affected systems which address this
  issue:

  TIBCO Data Virtualization versions 8.5.2 and below: update to version 8.5.3
    or later

  TIBCO Data Virtualization for AWS Marketplace versions 8.5.2 and below:
    update to version 8.6.0 or later

TIBCO recommends that customers upgrade to these versions to secure their deployments.

Additional Information

  https://www.tibco.com/services/support/advisories
  CVE-2022-30570
 
Powered by Wolken Software