Page 8 of 38 results (0.005 seconds)

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center before 7.2.5, Slingshot before 1.9.4, and Vault before 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request. Vulnerabilidad en TIBCO Managed File Transfer Internet Server en versiones anteriores a 7.2.5, Managed File Transfer Command Center en versiones anteriores a 7.2.5, Slingshot en versiones anteriores a 1.9.4 y Vault en versiones anteriores a 2.0.1, permite a usuarios remotos autenticados obtener información sensible a través de una petición HTTP manipulada. • http://www.securitytracker.com/id/1033678 http://www.tibco.com/assets/blt423f06fbac6ee0c6/2015-003-advisory.txt http://www.tibco.com/mk/advisory.jsp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File Transfer Command Center before 7.2.4, Slingshot before 1.9.3, and Vault before 1.1.1 allow remote attackers to obtain sensitive information or modify data by leveraging agent access. TIBCO Managed File Transfer Internet Server anterior a 7.2.4, Managed File Transfer Command Center anterior a 7.2.4, Slingshot anterior a 1.9.3, y Vault anterior a 1.1.1 permite a atacantes remotos obtener información sensible o modificar datos aprovechandose del acceso de agentes. • http://www.tibco.com/assets/blt7454ec3ae638d8c4/mft-advisory-20141029-008.txt http://www.tibco.com/mk/advisory.jsp • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 0

TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request. TIBCO Managed File Transfer Internet Server anterior a 7.2.2, Managed File Transfer Command Center anterior a 7.2.2, Slingshot anterior a 1.9.1 y Vault anterior a 1.0.1 permiten a atacantes remotos obtener información sensible a través de una solicitud HTTP manipulada. • http://www.tibco.com/mk/advisory.jsp http://www.tibco.com/multimedia/mft_advisory_20140429_tcm8-21013.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •