Description
Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.
References (7)
Core 7
Core References
Vendor Advisory x_refsource_confirm
http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/67538
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/47921
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/72554
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/1272
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/44639
Vendor Advisory x_refsource_confirm
http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt
Scores
EPSS
0.0068
EPSS Percentile
71.8%
Details
Status
published
Products (20)
tibco/iprocess_engine
10.3.0
tibco/iprocess_engine
10.3.1
tibco/iprocess_engine
10.3.2
tibco/iprocess_engine
10.3.3
tibco/iprocess_engine
10.3.4
tibco/iprocess_engine
10.3.5
tibco/iprocess_engine
10.4
tibco/iprocess_engine
10.4.1
tibco/iprocess_engine
10.5
tibco/iprocess_engine
10.6
... and 10 more
Published
May 20, 2011
Tracked Since
Feb 18, 2026