CVE-2021-43053

EPSS 0.3%
Published 11.01.2022 19:15:07
Last modified 21.11.2024 06:28:36
Source security@tibco.com
Teams watchlist Login
Open Login

The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a difficult to exploit vulnerability that allows an unauthenticated attacker with network access to obtain the cluster secret of another application connected to the realm server. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.7.2 and below, TIBCO FTL - Developer Edition: versions 6.7.2 and below, and TIBCO FTL - Enterprise Edition: versions 6.7.2 and below.

Affected products Warnungen 0 Metrics 4 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Tibco ≫ Ftl SwEditioncommunity Version <= 6.7.2

Tibco ≫ Ftl SwEditiondeveloper Version <= 6.7.2

Tibco ≫ Ftl SwEditionenterprise Version <= 6.7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.3%	0.503

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
security@tibco.com	8.5	3.1	4.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

https://www.tibco.com/services/support/advisories

Vendor Advisory

https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january-11-2022-tibco-ftl-2021-43053

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-43053

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-43053

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-43053

EUVD