CVE-2017-5535
MEDIUMTIBCO DataSynapse GridServer Manager <= 5.1.3, 6.0.0-6.0.2, 6.1.0-6.1.1, 6.2.0 - Inadequate Encryption Strength
Title source: llmDescription
The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise the traffic between any of the components. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.tibco.com/support/advisories/2018/05/security-advisory-may-1-2018-tibco-datasynapse-gridserver-2017-5535
Scores
CVSS v3
6.8
EPSS
0.0002
EPSS Percentile
5.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-326
Status
published
Products (7)
tibco/datasynapse_gridserver_manager
6.0.0
tibco/datasynapse_gridserver_manager
6.0.1
tibco/datasynapse_gridserver_manager
6.0.2
tibco/datasynapse_gridserver_manager
6.1.0
tibco/datasynapse_gridserver_manager
6.1.1
tibco/datasynapse_gridserver_manager
6.2.0
tibco/datasynapse_gridserver_manager
< 5.1.3
Published
May 01, 2018
Tracked Since
Feb 18, 2026