10 matches found
CVE-2022-22774
The CVE-2022-22774 issue affects TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server. The root cause is an XXE (XML External Entity) vulnerability in the DOM XML parser and SAX XML parser components, exploitable by an unauthenticated attacker with network ac...
CVE-2017-5531
CVE-2017-5531 affects TIBCO Managed File Transfer Command Center (CC) and Managed File Transfer Internet Server (IS) versions 8.0.0 and 8.0.1. The issue may allow any authenticated user to gain administrative control of the Managed File Transfer web applications via the Administrator Service. In ...
CVE-2011-3424
CVE-2011-3424 affects TIBCO Managed File Transfer Internet Server (7.0.x–7.1.0) and Command Center (7.0.x–7.1.0), and TIBCO Slingshot (1.8.0 and earlier). Root cause: defects in processing inbound HTTP requests leading to a session fixation vulnerability that can allow an attacker to hijack a web...
CVE-2018-18810
CVE-2018-18810 affects TIBCO Managed File Transfer Command Center (Administrator Service) and TIBCO Managed File Transfer Internet Server. An authenticated user with specific privileges can access credentials maintained by or for other systems, enabling credential disclosure. Affected releases in...
CVE-2014-2545
CVE-2014-2545 affects TIBCO MFT Internet Server, MFT Command Center, Slingshot, and Vault, where versions prior to 7.2.2 (and Slingshot before 1.9.1; Vault before 1.0.1) expose sensitive information via a crafted HTTP request. Root cause is unclear in the provided documents beyond the effect on t...
CVE-2014-7194
CVE-2014-7194 affects TIBCO MFT Internet Server prior to 7.2.4, MFT Command Center prior to 7.2.4, Slingshot prior to 1.9.3, and Vault prior to 1.1.1. The issue allows remote attackers to obtain sensitive information or modify data by exploiting agent access. No exploitation details, affected ver...
CVE-2020-9413
CVE-2020-9413 affects TIBCO Managed File Transfer Command Center (CC) and Internet Server (IS) up to version 8.2.1 and earlier. The vulnerability resides in the MFT Browser file transfer and MFT Browser admin client components, allowing an attacker to craft a URL that, when visited by an authenti...
CVE-2020-9414
The connected CNVD entry confirms a cross-site scripting vulnerability in TIBCO Managed File Transfer Command Center and Internet Server (MFT admin service) affecting 8.2.1 and earlier. An authenticated user with specific permissions could exploit XSS to obtain another user’s session identifier, ...
CVE-2011-3423
CVE-2011-3423 affects TIBCO Managed File Transfer Internet Server (before 7.1.1), Managed File Transfer Command Center (before 7.1.1), and TIBCO Slingshot (before 1.8.1). The root cause is defects in the processing of inbound HTTP requests, enabling cross-site scripting (XSS) to view/modify infor...
CVE-2015-5711
The CVE-2015-5711 entry affects TIBCO products: Managed File Transfer Internet Server (before 7.2.5), Managed File Transfer Command Center (before 7.2.5), Slingshot (before 1.9.4), and Vault (before 2.0.1). The root cause is an information disclosure vulnerability that allows remote authenticated...