HIGH✓ PATCH🇬🇧 English

CVE-2021-43046

CVSS 7.5v3.1pub. 2021-11-16upd. 2024-11-21

The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain session tokens for the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO PartnerExpress: versions 6.2.1 and below.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Tibco Partnerexpress

    APP
    Tibco
    ≤ 6.2.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2021-43047CRITICAL9.0ten sam produkt

The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain easily...

CVE-2021-43048CRITICAL9.8ten sam produkt

The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain a vuln...

CVE-2020-27147MEDIUM6.5ten sam produkt

The REST API component of TIBCO Software Inc.'s TIBCO PartnerExpress contains a vulnerability that theoretical...

CVE-2025-3115CRITICAL9.4PL ✓ten sam vendor

RCE w Tibco Spotfire — wstrzyknięcie kodu i nievalidowane nazwy plików

CVE-2023-26216CRITICAL9.1ten sam vendor

The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an exploitable vulnerability that all...

CVE-2021-43046 — HIGH 7.5 | CVEbaza.pl