CVE-2021-35494

🗓️ 12 Oct 2021 17:35:11Reported by tibcoType

TIBCO JasperReports Server REST API allows low privileged user to access temporary object

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-35494	12 Oct 202122:25	–	circl
CNNVD	TIBCO Software JasperReports Server 竞争条件问题漏洞	12 Oct 202100:00	–	cnnvd
Cvelist	CVE-2021-35494 TIBCO JasperReports unauthorized access to temporary object	12 Oct 202117:35	–	cvelist
EUVD	EUVD-2021-22136	7 Oct 202500:30	–	euvd
NVD	CVE-2021-35494	12 Oct 202118:15	–	nvd
OSV	BIT-JASPERREPORTS-2021-35494	6 Mar 202410:59	–	osv
OSV	CVE-2021-35494	12 Oct 202118:15	–	osv
Prion	Race condition	12 Oct 202118:15	–	prion
Positive Technologies	PT-2021-20934 · Tibco Software · Tibco Jasperreports Server For Aws Marketplace +5	12 Oct 202100:00	–	ptsecurity

NVD

Node

tibco jasperreports_serverRange≤7.2.1-

tibco jasperreports_serverRange≤7.8.0microsoft_azure

tibco jasperreports_serverRange≤7.8.0community

tibco jasperreports_serverRange≤7.9.0activematrix_bpm

tibco jasperreports_serverRange≤7.9.0aws_marketplace

tibco jasperreports_serverRange≤7.9.0developer

tibco jasperreports_serverMatch7.5.0-

tibco jasperreports_serverMatch7.5.1-

tibco jasperreports_serverMatch7.8.0-

tibco jasperreports_serverMatch7.9.0-

[
  {
    "product": "TIBCO JasperReports Server",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "7.2.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "7.5.0"
      },
      {
        "status": "affected",
        "version": "7.5.1"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "7.8.0"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "7.9.0"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server - Community Edition",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "7.8.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server - Developer Edition",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "7.9.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server for AWS Marketplace",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "7.9.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server for ActiveMatrix BPM",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "7.9.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server for Microsoft Azure",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "7.8.0"
      }
    ]
  }
]

Source	Link
tibco	www.tibco.com/support/advisories/2021/10/tibco-security-advisory-october-12-2021-tibco-jasperreports-server-2021-35494
tibco	www.tibco.com/services/support/advisories

17 Jun 2026 03:57Current

5Medium risk

Vulners AI Score5

CVSS 23.5

CVSS 3.15.3 - 5.7

EPSS0.00486

CWE-362