CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-43052

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile26.42th
Published2022年1月11日
Last Modified2024年11月21日

Vulnerability Description

The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that allows authentication bypass due to a hard coded secret used in the default realm server of the affected system. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.7.2 and below, TIBCO FTL - Developer Edition: versions 6.7.2 and below, and TIBCO FTL - Enterprise Edition: versions 6.7.2 and below.

Affected Platforms (CPE)

📦
Tibco

Ftl

<= 6.7.2
📦
Tibco

Ftl

<= 6.7.2
📦
Tibco

Ftl

<= 6.7.2

References & Advisories

🔗 https://www.tibco.com/services/support/advisories
🔗 https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january-11-2022-tibco-ftl-2021-43052
🔗 https://www.tibco.com/services/support/advisories
🔗 https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january-11-2022-tibco-ftl-2021-43052

相關漏洞威脅

CVE-2020-215239.8

A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be ...

CVE-2020-215229.8

An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite som...

CVE-2019-112098.8

The realm configuration component of TIBCO Software Inc.'s TIBCO FTL Community Edition, TIBCO FTL Developer Edition, TIBCO FTL Ent...

CVE-2021-288198.8

The Windows Installation component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBC...