CVE-2015-5711

TIBCO Managed File Transfer Internet Server < 7.2.5 - Authenticated Sensitive Information Exposure via HTTP Request

Title source: llm

Description

TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center before 7.2.5, Slingshot before 1.9.4, and Vault before 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request.

References (3)

Core 3

Core References

Vendor Advisory x_refsource_confirm

http://www.tibco.com/assets/blt423f06fbac6ee0c6/2015-003-advisory.txt

Vendor Advisory x_refsource_confirm

http://www.tibco.com/mk/advisory.jsp

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1033678

Scores

EPSS 0.0010

EPSS Percentile 26.8%

Details

CWE

CWE-200

Status published

Products (4)

tibco/managed_file_transfer_command_center < 7.2.4

tibco/managed_file_transfer_internet_server < 7.2.4

tibco/slingshot < 1.9.3

tibco/vault < 2.0.0

Published Sep 29, 2015

Tracked Since Feb 18, 2026