CyberSec.Space Logo
Back to CVE Browser

CVE-2021-43052

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile26.42th
PublishedJan 11, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that allows authentication bypass due to a hard coded secret used in the default realm server of the affected system. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.7.2 and below, TIBCO FTL - Developer Edition: versions 6.7.2 and below, and TIBCO FTL - Enterprise Edition: versions 6.7.2 and below.

Affected Platforms (CPE)

πŸ“¦
Tibco

Ftl

<= 6.7.2
πŸ“¦
Tibco

Ftl

<= 6.7.2
πŸ“¦
Tibco

Ftl

<= 6.7.2

References & Advisories

πŸ”— https://www.tibco.com/services/support/advisories
πŸ”— https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january-11-2022-tibco-ftl-2021-43052
πŸ”— https://www.tibco.com/services/support/advisories
πŸ”— https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january-11-2022-tibco-ftl-2021-43052

Related Vulnerabilities

CVE-2020-215239.8

A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be ...

CVE-2020-215229.8

An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite som...

CVE-2019-112098.8

The realm configuration component of TIBCO Software Inc.'s TIBCO FTL Community Edition, TIBCO FTL Developer Edition, TIBCO FTL Ent...

CVE-2021-288198.8

The Windows Installation component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBC...