Lucene search
TibcoCVE-2024-4576HistoryJun 13, 2024 - 7:15 a.m.
CVE-2024-4576
2024-06-1307:15:42
CWE-22
tibco
web.nvd.nist.gov
29
cve-2024-4576
component vulnerability
directory traversal
unauthorized access
sensitive information disclosure
system configuration
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
17.8%
The component listed above contains a vulnerability that allows an attacker to traverse directories and access sensitive files, leading to unauthorized disclosure of system configuration and potentially sensitive information.
Affected configurations
Node
tibcoebxRange≤5.9.25
ORtibcoebxMatch6.1.3-
ORtibcoebxMatch6.1.3hotfix1
ORtibcoebxMatch6.1.3hotfix2
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "EBX",
"vendor": "Tibco",
"versions": [
{
"lessThanOrEqual": "9.25",
"status": "affected",
"version": "5",
"versionType": "patch"
},
{
"lessThanOrEqual": "1.3 HF2",
"status": "affected",
"version": "6",
"versionType": "hotfix"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-4576 TIBCO EBX File Inclusion Vulnerability
2024-06-13 06:31:41
tibco
tibco
TIBCO Security Advisory: June 11, 2024 - TIBCO EBX - CVE-2024-4576
2024-06-11 16:55:02
cvelist
cvelist
CVE-2024-4576 TIBCO EBX File Inclusion Vulnerability
2024-06-13 06:31:41
nvd
nvd
CVE-2024-4576
2024-06-13 07:15:42
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
17.8%
Related for CVE-2024-4576