Unrated severityNVD Advisory· Published Nov 7, 2018· Updated Sep 16, 2024
TIBCO Enterprise Message Service Vulnerable to CSRF Attacks
CVE-2018-12415
Description
The Central Administration server (emsca) component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Enterprise Message Service: versions 8.4.0 and below, TIBCO Enterprise Message Service - Community Edition: versions 8.4.0 and below, and TIBCO Enterprise Message Service - Developer Edition: versions 8.4.0 and below.
Affected products
6<= 8.4.0+ 3 more
- (no CPE)range: <= 8.4.0
- (no CPE)range: <= 8.4.0
- (no CPE)range: 8.4.0 and previous
- (no CPE)range: 8.4.0 and previous
<= 8.4.0+ 1 more
- (no CPE)range: <= 8.4.0
- (no CPE)range: 8.4.0 and previous
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/105850mitrevdb-entryx_refsource_BID
- www.tibco.com/services/support/advisoriesmitrex_refsource_MISC
- www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-6-2018-tibco-enterprise-messaging-servicemitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.