VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published May 20, 2011· Updated Apr 29, 2026

CVE-2011-2021

CVE-2011-2021

Description

Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.

Affected products

20
  • TIBCO Software/Iprocess Engine16 versions
    cpe:2.3:a:tibco:iprocess_engine:*:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:tibco:iprocess_engine:*:*:*:*:*:*:*:*range: <=11.1.2
    • cpe:2.3:a:tibco:iprocess_engine:10.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.4:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.5:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.6:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:10.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_engine:11.1.1:*:*:*:*:*:*:*
  • TIBCO Software/Iprocess Workspace4 versions
    cpe:2.3:a:tibco:iprocess_workspace:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:tibco:iprocess_workspace:*:*:*:*:*:*:*:*range: <=11.3
    • cpe:2.3:a:tibco:iprocess_workspace:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_workspace:11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:iprocess_workspace:11.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.