3 matches found
CVE-2019-8992
The CVE-2019-8992 vulnerability affects the administrative server components across TIBCO ActiveMatrix BPM and related products. A user without privileges to upload distributed application archives (Upload DAA) could upload arbitrary code and, in some cases, execute it on ActiveMatrix Service Gri...
CVE-2019-8991
CVE-2019-8991 affects TIBCO ActiveMatrix BPM family via the administrator web interface, with XSS and CSRF vulnerabilities. Affected versions include: BPM up to 4.2.0; BPM Distribution for Silver Fabric up to 4.2.0; Policy Director up to 1.1.0; Service Bus up to 3.3.0; Service Grid up to 3.3.1; S...
CVE-2019-8993
CVE-2019-8993 affects TIBCO ActiveMatrix BPM and related components. The administrative web server in these products could allow an unauthenticated user to download a file containing credentials information. Affected releases include: ActiveMatrix BPM up to 4.2.0; BPM Distribution for Silver Fabr...