CVE-2021-43053

EPSS 0.3%
Veröffentlicht 11.01.2022 19:15:07
Zuletzt bearbeitet 21.11.2024 06:28:36
Quelle security@tibco.com
Teams Watchlist Login
Unerledigt Login

The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a difficult to exploit vulnerability that allows an unauthenticated attacker with network access to obtain the cluster secret of another application connected to the realm server. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.7.2 and below, TIBCO FTL - Developer Edition: versions 6.7.2 and below, and TIBCO FTL - Enterprise Edition: versions 6.7.2 and below.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Tibco ≫ Ftl SwEditioncommunity Version <= 6.7.2

Tibco ≫ Ftl SwEditiondeveloper Version <= 6.7.2

Tibco ≫ Ftl SwEditionenterprise Version <= 6.7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.3%	0.503

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
security@tibco.com	8.5	3.1	4.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

https://www.tibco.com/services/support/advisories

Vendor Advisory

https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january-11-2022-tibco-ftl-2021-43053

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-43053

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-43053

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-43053

EUVD