HIGH🇵🇱 Wersja polska

CVE-2023-26217

CVSS 8.8v3.1pub. 2023-07-19upd. 2024-11-21

The Data Exchange Add-on component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged user with import permissions and network access to the EBX server to execute arbitrary SQL statements on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.17 and below, versions 5.6.2 and below, version 6.1.0.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Tibco Ebx Add Ons

    APP
    Tibco
    6.1.0≤ 4.5.175.0.0 – 5.6.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2023-26216CRITICAL9.1ten sam produkt

The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an exploitable vulnerability that all...

CVE-2023-26215HIGH7.7ten sam produkt

The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that allows an attack...

CVE-2022-41566HIGH8.7ten sam produkt

The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability t...

CVE-2022-30578HIGH8.0ten sam produkt

The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerabili...

CVE-2022-22769HIGH8.0ten sam produkt

The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, TIBCO EBX Add-ons, TIBCO EB...