
CVE-2021-28829 – TIBCO Administrator CSV injection vulnerability
https://notcve.org/view.php?id=CVE-2021-28829
20 Apr 2021 — The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with network acces... • http://www.tibco.com/services/support/advisories • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVE-2021-28828 – TIBCO Administrator SQL injection vulnerability
https://notcve.org/view.php?id=CVE-2021-28828
20 Apr 2021 — The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with network acces... • http://www.tibco.com/services/support/advisories • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2021-28827 – TIBCO Administrator Stored Cross Site Scripting vulnerability
https://notcve.org/view.php?id=CVE-2021-28827
20 Apr 2021 — The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, TIBCO Administrator - Enterprise Edition for z/Linux, TIBCO Runtime Agent, TIBCO Runtime Agent, TIBCO Runtime Agent for z/Linux, and TIBCO Runtime Agent for z... • http://www.tibco.com/services/support/advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2018-5432 – TIBCO Administrator - Enterprise Edition Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2018-5432
13 Jun 2018 — The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains multiple vulnerabilities wherein a malicious user could theoretically perform cross-site scripting (XSS) attacks by way of manipulating artifacts prior to uploading them. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions up to and including 5.10.0, and TIBCO Administrator - Enterprise Edit... • http://www.securityfocus.com/bid/104458 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2018-5433 – XML eXternal Entity Expansion Vulnerabilities with TIBCO Administrator
https://notcve.org/view.php?id=CVE-2018-5433
13 Jun 2018 — The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion (XXE) attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions up to and including 5.10.0, and TIBCO Administrator - Enterprise Edition for z/Linux: versions up to and i... • http://www.securityfocus.com/bid/104451 • CWE-611: Improper Restriction of XML External Entity Reference •

CVE-2014-2075
https://notcve.org/view.php?id=CVE-2014-2075
27 Feb 2014 — TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors. • http://www.tibco.com/mk/advisory.jsp • CWE-287: Improper Authentication •

CVE-2010-0683
https://notcve.org/view.php?id=CVE-2010-0683
25 Feb 2010 — Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials. • http://secunia.com/advisories/38732 •