CVE-2021-28829 — Injection in Software INC Tibco Administrator Enterprise Edition

CWE-74 — Injection3 documents3 sources

Severity

8.0HIGHNVD

CNA6.5

EPSS

0.3%

top 48.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tibco Software INC Tibco Administrator Enterprise Edition Tibco Software INC Tibco Administrator Enterprise Edition Distribution FOR Tibco Silver Fabric Tibco Software INC Tibco Administrator Enterprise Edition FOR Z Linux +1 more

Timeline

PublishedApr 20

Latest updateMay 24

Description

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with n…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5tibco_software_inc/tibco_administrator_enterprise_edition_distribution_for_tibco_silver_fabricunspecified — 5.10.2+2

▶CVEListV5tibco_software_inc/tibco_administrator_enterprise_edition_for_z_linuxunspecified — 5.10.2+2

▶CVEListV5tibco_software_inc/tibco_administrator_enterprise_editionunspecified — 5.10.2+2

▶NVDtibco/administrator5.10.2+2

🔴Vulnerability Details

GHSA

GHSA-g4j8-c6w6-98xm: The Administration GUI component of TIBCO Software Inc↗2022-05-24

▶

CVEList

TIBCO Administrator CSV injection vulnerability↗2021-04-20

▶