Description
The server in TIBCO Formvine 3.1.x and 3.2.x before 3.2.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.tibco.com/multimedia/formvine-advisory-2012-10-23_tcm8-17451.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/86606
Vendor Advisory x_refsource_confirm
http://www.tibco.com/services/support/advisories/formvine-advisory_20121023.jsp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/56225
Scores
EPSS
0.0071
EPSS Percentile
72.5%
Details
CWE
CWE-264
Status
published
Products (4)
tibco/formvine
3.1.0
tibco/formvine
3.1.1
tibco/formvine
3.1.2
tibco/formvine
3.2.0
Published
Oct 24, 2012
Tracked Since
Feb 18, 2026