CVE-2014-2075

TIBCO Enterprise Administrator <1.0.0 - Command Injection

Title source: llm

Description

TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors.

References (2)

[Vendor Advisory] http://www.tibco.com/mk/advisory.jsp

[Vendor Advisory] http://www.tibco.com/multimedia/enterprise_administator_advisory_20140226_tcm8-20533.txt

Scores

EPSS 0.0252

EPSS Percentile 85.2%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

tibco/enterprise_administrator

tibco/enterprise_administrator_sdk

Timeline

Published Feb 27, 2014

Tracked Since Feb 18, 2026