CVE-2021-43049

Опубликовано: 15 фев. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

The Database component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain the usernames and passwords of users of the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below.

Ссылки

https://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-february-15-2022-tibco-bcce-2021-43049
Vendor Advisory
https://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-february-15-2022-tibco-bcce-2021-43049
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tibco:businessconnect:*:*:*:*:container:*:*:*

Версия до 1.1.1 (исключая)

EPSS

Процентиль: 64%

0.00478

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-mmjj-2xmr-v64v

github

почти 4 года назад