#VU57078 Improper Certificate Validation in TIBCO Other software


Published: 2021-10-06

Vulnerability identifier: #VU57078

Vulnerability risk: Medium

CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35497

CWE-ID: CWE-295

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
TIBCO ActiveSpaces Community Edition
Other software / Other software solutions
TIBCO ActiveSpaces Developer Edition
Other software / Other software solutions
TIBCO ActiveSpaces Enterprise Edition
Other software / Other software solutions
TIBCO FTL Community Edition
Other software / Other software solutions
TIBCO FTL Developer Edition
Other software / Other software solutions
TIBCO FTL Enterprise Edition
Other software / Other software solutions
TIBCO eFTL Community Edition
Other software / Other software solutions
TIBCO eFTL Developer Edition
Other software / Other software solutions
TIBCO eFTL Enterprise Edition
Other software / Other software solutions

Vendor: TIBCO

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to improper certificate validation in the FTL Server (tibftlserver) and Docker images containing tibftlserver components. A remote authenticated attacker can perform a man-in-the-middle (MitM) attack and gain full administrative access to the affected system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

TIBCO ActiveSpaces Community Edition: 4.3.0 - 4.6.2

TIBCO ActiveSpaces Developer Edition: 4.3.0 - 4.6.2

TIBCO ActiveSpaces Enterprise Edition: 4.3.0 - 4.6.2

TIBCO FTL Community Edition: 6.2.0 - 6.7.0

TIBCO FTL Developer Edition: 6.2.0 - 6.7.0

TIBCO FTL Enterprise Edition: 6.2.0 - 6.7.0

TIBCO eFTL Community Edition: 6.2.0 - 6.7.0

TIBCO eFTL Developer Edition: 6.2.0 - 6.7.0

TIBCO eFTL Enterprise Edition: 6.2.0 - 6.7.0

External links
http://www.tibco.com/services/support/advisories
http://www.tibco.com/support/advisories/2021/10/tibco-security-advisory-october-5-2021-tibco-ftl-2021-35497

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Improper Certificate Validation in TIBCO ActiveSpaces, FTL and eFTL