tibco
229 tracked vulnerabilities.
CVE-2021-43054
HIGH
TIBCO eFTL <6.7.2 - Privilege Escalation
Jan 11, 2022
CVSS 7.1
EPSS 0.00
CVE-2021-43053
HIGH
TIBCO FTL < 6.7.2 - Unauthenticated Cluster Secret Exposure via Realm Server
Jan 11, 2022
CVSS 8.5
EPSS 0.00
CVE-2021-43052
CRITICAL
TIBCO FTL < 6.7.2 - Authentication Bypass via Hard-coded Realm Server Secret
Jan 11, 2022
CVSS 9.3
EPSS 0.00
CVE-2021-43051
HIGH
TIBCO Spotfire Server - Privilege Escalation
Dec 14, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-43048
CRITICAL
TIBCO PartnerExpress < 6.2.1 - Unauthenticated Clickjacking in Interior and Gateway Server Components
Nov 16, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-43047
CRITICAL
TIBCO PartnerExpress < 6.2.1 - Stored and Reflected Cross-Site Scripting
Nov 16, 2021
CVSS 9.0
EPSS 0.00
CVE-2021-43046
HIGH
TIBCO PartnerExpress <6.2.1 - Info Disclosure
Nov 16, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-35499
HIGH
TIBCO Nimbus < 10.4.0 - Stored Cross-Site Scripting in Web Reporting Component
Oct 26, 2021
CVSS 8.0
EPSS 0.00
CVE-2021-35498
CRITICAL
TIBCO EBX <5.8.124, 5.9.3-5.9.14, 6.0.0-6.0.1 & TIBCO Product and Service Catalog 1.0.0 Weak Password Requirements
Oct 13, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-35496
HIGH
TIBCO JasperReports Server - Path Traversal
Oct 12, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-35495
CRITICAL
TIBCO JasperReports Server <7.2.1, 7.5.0-7.5.1, 7.8.0, 7.9.0 - FTP Password Exposure
Oct 12, 2021
CVSS 9.0
EPSS 0.00
CVE-2021-35494
MEDIUM
TIBCO JasperReports Server - Race Condition
Oct 12, 2021
CVSS 5.7
EPSS 0.00
CVE-2021-35497
HIGH
TIBCO ActiveSpaces/TIBCO FTL <version> - RCE
Oct 05, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-35493
CRITICAL
TIBCO WebFOCUS Client, Installer, and Reporting Server < 8207.27.0 - Stored and Reflected Cross-Site Scripting
Sep 14, 2021
CVSS 9.0
EPSS 0.00
CVE-2021-28830
HIGH
TIBCO Enterprise Runtime for R <1.2.4 & Spotfire Server <10.3.12 - Privilege Escalation
Jun 29, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-23275
HIGH
TIBCO Enterprise Runtime for R <1.2.4 & Spotfire Server <10.3.12 Privilege Escalation
Jun 29, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-28829
MEDIUM
TIBCO Administrator - Enterprise Edition <= 5.10.2 and 5.11.0-5.11.1 - Persistent CSV Injection in Administration GUI
Apr 20, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-28828
HIGH
TIBCO Administrator - SQL Injection
Apr 20, 2021
CVSS 7.6
EPSS 0.00
CVE-2021-28827
CRITICAL
TIBCO Administrator and Runtime Agent <= 5.10.2 and 5.11.0-5.11.1 - Unauthenticated Stored Cross-Site Scripting
Apr 20, 2021
CVSS 9.6
EPSS 0.01
CVE-2021-28826
HIGH
TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge < 1.3.0 - Privilege Escalation via Unrestricted File Access
Apr 14, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-28825
HIGH
TIBCO Messaging - Eclipse Mosquitto < 1.3.0 - Privilege Escalation via File Access
Apr 14, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-28824
HIGH
TIBCO ActiveSpaces <= 4.5.0 - Privilege Escalation via Unrestricted Installation Directory
Mar 23, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-28823
HIGH
TIBCO eFTL < 6.6.0 - Privilege Escalation via Unrestricted Installation Directory
Mar 23, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-28822
HIGH
TIBCO Enterprise Message Service < 8.5.1 - Uncontrolled Search Path Element
Mar 23, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-28821
HIGH
TIBCO Enterprise Message Service < 8.5.1 - Privilege Escalation via Unrestricted File Access
Mar 23, 2021
CVSS 8.8
EPSS 0.00
Products
spotfire_server 28
jasperreports_server 22
spotfire_analytics_platform_for_aws 20
rendezvous 16
spotfire_analyst 12
enterprise_message_service 11
jaspersoft 10
jaspersoft_reporting_and_analytics 10
managed_file_transfer_command_center 10
managed_file_transfer_internet_server 10
spotfire_desktop 10
ebx 9
ebx_add-ons 9
ftl 9
runtime_agent 9
activematrix_bpm 8
activematrix_service_bus 8
activematrix_service_grid 8
spotfire_deployment_kit 8
silver_fabric_enabler 7
spotfire_analytics_platform 7
spotfire_statistics_services 7
administrator 6
hawk 6
spotfire_desktop_language_packs 6
activematrix_businessworks_service_engine 5
eftl 5
iprocess_engine 5
jasperreports_library 5
rtworks 5
Quick Filters