CVE-2021-43049
CRITICALTIBCO BusinessConnect Container Edition <1.1.0 - Info Disclosure
Title source: llmDescription
The Database component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain the usernames and passwords of users of the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.tibco.com/services/support/advisories
Vendor Advisory x_refsource_confirm
https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-february-15-2022-tibco-bcce-2021-43049
Scores
CVSS v3
9.8
EPSS
0.0048
EPSS Percentile
65.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
tibco/businessconnect
< 1.1.1
Published
Feb 15, 2022
Tracked Since
Feb 18, 2026