CVE-2018-5428

Summary

The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco Information Server) contains vulnerabilities that may allow for arbitrary command execution. Affected releases are TIBCO Data Virtualization: 7.0.5; 7.0.6.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO Data Virtualization7.0.5affected
TIBCO Software Inc.TIBCO Data Virtualization7.0.6affected

Weaknesses

  • The impact of the vulnerability includes the theoretical possibility of disclosing contents of files on the host machine that are accessible to the operating system account used to run the affected component.

ADP Enrichment

CVE Program Container

Additional References

References