EUVD-2021-22137

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

TIBCO JasperReports Server has a vulnerability allowing access to FTP server passwords by attackers.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-35495	12 Oct 202122:25	–	circl
CNNVD	TIBCO Software JasperReports Server 访问控制错误漏洞	12 Oct 202100:00	–	cnnvd
CVE	CVE-2021-35495	12 Oct 202117:35	–	cve
Cvelist	CVE-2021-35495 TIBCO JasperReports FTP Password exposed	12 Oct 202117:35	–	cvelist
NVD	CVE-2021-35495	12 Oct 202118:15	–	nvd
OSV	BIT-JASPERREPORTS-2021-35495	6 Mar 202410:58	–	osv
OSV	CVE-2021-35495	12 Oct 202118:15	–	osv
Prion	Privilege escalation	12 Oct 202118:15	–	prion
Positive Technologies	PT-2021-20935 · Tibco Software · Tibco Jasperreports Server For Aws Marketplace +5	12 Oct 202100:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "237fc450-e30c-3b01-9425-ea3aa789affb",
        "vendor": {
          "name": "TIBCO Software Inc."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "09d581c7-73f8-3eb5-8245-0494b8c53f24",
        "product": {
          "name": "TIBCO JasperReports Server - Developer Edition"
        },
        "product_version": "unspecified ≤7.9.0"
      },
      {
        "id": "202bbd57-e9fb-3f91-bcd5-33154b2537a3",
        "product": {
          "name": "TIBCO JasperReports Server"
        },
        "product_version": "7.5.0"
      },
      {
        "id": "36873c24-72be-336e-8ae0-6758076d3285",
        "product": {
          "name": "TIBCO JasperReports Server for ActiveMatrix BPM"
        },
        "product_version": "unspecified ≤7.9.0"
      },
      {
        "id": "aa91a912-2517-3972-b261-8cc55e2ac7f6",
        "product": {
          "name": "TIBCO JasperReports Server"
        },
        "product_version": "7.8.0"
      },
      {
        "id": "b5600c01-0f94-3ee9-b990-5f91f9c0eaba",
        "product": {
          "name": "TIBCO JasperReports Server for AWS Marketplace"
        },
        "product_version": "unspecified ≤7.9.0"
      },
      {
        "id": "b60dc197-d41a-33ab-983a-8b74c318ccc5",
        "product": {
          "name": "TIBCO JasperReports Server"
        },
        "product_version": "7.5.1"
      },
      {
        "id": "baf71e30-1634-3653-9e10-e443d6bafc88",
        "product": {
          "name": "TIBCO JasperReports Server"
        },
        "product_version": "7.9.0"
      },
      {
        "id": "e564ee88-e66b-34fd-8b60-7e1c428eed9f",
        "product": {
          "name": "TIBCO JasperReports Server for Microsoft Azure"
        },
        "product_version": "7.8.0"
      },
      {
        "id": "f8fa84c5-4ea3-32ff-97f7-d98c5df33f2e",
        "product": {
          "name": "TIBCO JasperReports Server - Community Edition"
        },
        "product_version": "unspecified ≤7.8.0"
      },
      {
        "id": "fb7dc878-f991-3f48-a016-5be837918c22",
        "product": {
          "name": "TIBCO JasperReports Server"
        },
        "product_version": "unspecified ≤7.2.1"
      }
    ]
  }
]

Source	Link
tibco	www.tibco.com/services/support/advisories
tibco	www.tibco.com/support/advisories/2021/10/tibco-security-advisory-october-12-2021-tibco-jasperreports-server-2021-35495
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

8.6High risk

Vulners AI Score8.6

CVSS 3.18.8 - 9

CVSS 24

EPSS0.00352