CVE-2021-35498
TIBCO EBX Insecure Login Mechanism
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powered by TIBCO EBX contains a vulnerability that under certain specific conditions allows an attacker to enter a password other than the legitimate password and it will be accepted as valid. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.123 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, and 5.9.14, TIBCO EBX: versions 6.0.0 and 6.0.1, and TIBCO Product and Service Catalog powered by TIBCO EBX: version 1.0.0.
El componente TIBCO EBX Web Server de TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, y TIBCO Product and Service Catalog powered by TIBCO EBX contiene una vulnerabilidad que, bajo determinadas condiciones específicas, permite a un atacante introducir una contraseña distinta a la legítima y que sea aceptada como válida. Las versiones afectadas son TIBCO Software Inc.'s TIBCO EBX: versiones 5.8.123 y por debajo, TIBCO EBX: versiones 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5. 9.10, 5.9.11, 5.9.12, 5.9.13 y 5.9.14, TIBCO EBX: versiones 6.0.0 y 6.0.1, y TIBCO Product and Service Catalog powered by TIBCO EBX: versión 1.0.0
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-06-24 CVE Reserved
- 2021-10-13 CVE Published
- 2024-06-28 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-521: Weak Password Requirements
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Tibco Search vendor "Tibco" | Ebx Search vendor "Tibco" for product "Ebx" | < 5.8.124 Search vendor "Tibco" for product "Ebx" and version " < 5.8.124" | - |
Affected
| ||||||
Tibco Search vendor "Tibco" | Ebx Search vendor "Tibco" for product "Ebx" | >= 5.9.3 < 5.9.15 Search vendor "Tibco" for product "Ebx" and version " >= 5.9.3 < 5.9.15" | - |
Affected
| ||||||
Tibco Search vendor "Tibco" | Ebx Search vendor "Tibco" for product "Ebx" | >= 6.0.0 < 6.0.2 Search vendor "Tibco" for product "Ebx" and version " >= 6.0.0 < 6.0.2" | - |
Affected
| ||||||
Tibco Search vendor "Tibco" | Product And Service Catalog Powered By Tibco Ebx Search vendor "Tibco" for product "Product And Service Catalog Powered By Tibco Ebx" | 1.0.0 Search vendor "Tibco" for product "Product And Service Catalog Powered By Tibco Ebx" and version "1.0.0" | - |
Affected
|