CVE-2018-5428
8.8
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco Information Server) contains vulnerabilities that may allow for arbitrary command execution. Affected releases are TIBCO Data Virtualization: 7.0.5; 7.0.6.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| TIBCO Software Inc. | TIBCO Data Virtualization | 7.0.5 | affected |
| TIBCO Software Inc. | TIBCO Data Virtualization | 7.0.6 | affected |
Weaknesses
- The impact of the vulnerability includes the theoretical possibility of disclosing contents of files on the host machine that are accessible to the operating system account used to run the affected component.
ADP Enrichment
CVE Program Container
Additional References
- https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-20-2018-tibco-data-virtualization
- http://www.securityfocus.com/bid/104518
References
- https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-20-2018-tibco-data-virtualization
- http://www.securityfocus.com/bid/104518
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.