CVE-2024-4576

2024-06-1307:15:42

CWE-22

[email protected]

web.nvd.nist.gov

vulnerability

directory traversal

sensitive information

unauthorized disclosure

system configuration

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

17.8%

JSON

The component listed above contains a vulnerability that allows an attacker to traverse directories and access sensitive files, leading to unauthorized disclosure of system configuration and potentially sensitive information.

Affected configurations

Nvd

Node

tibcoebxRange≤5.9.25

tibcoebxMatch6.1.3-

tibcoebxMatch6.1.3hotfix1

tibcoebxMatch6.1.3hotfix2

VendorProductVersionCPE
tibcoebx*cpe:2.3:a:tibco:ebx:*:*:*:*:*:*:*:*
tibcoebx6.1.3cpe:2.3:a:tibco:ebx:6.1.3:-:*:*:*:*:*:*
tibcoebx6.1.3cpe:2.3:a:tibco:ebx:6.1.3:hotfix1:*:*:*:*:*:*
tibcoebx6.1.3cpe:2.3:a:tibco:ebx:6.1.3:hotfix2:*:*:*:*:*:*

Vendor	Product	Version	CPE
tibco	ebx	*	cpe:2.3:a:tibco:ebx::::::::
tibco	ebx	6.1.3	cpe:2.3:a:tibco:ebx:6.1.3:-::::::
tibco	ebx	6.1.3	cpe:2.3:a:tibco:ebx:6.1.3:hotfix1::::::
tibco	ebx	6.1.3	cpe:2.3:a:tibco:ebx:6.1.3:hotfix2::::::