CVE-2018-12414 — Cross-Site Request Forgery in Software INC Tibco Rendezvous
Severity
8.8HIGHNVD
CNA7.5
EPSS
0.1%
top 67.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 6
Latest updateMay 13
Description
The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), and Rendezvous Daemon Manager (rvdm) components of TIBCO Software Inc.'s TIBCO Rendezvous, TIBCO Rendezvous Developer Edition, TIBCO Rendezvous for z/Linux, TIBCO Rendezvous for z/OS, TIBCO Rendezvous Network Server, TIBCO Substation ES contain vulnerabilities which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected release…
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9