CVE-2020-27146

Summary

The Core component of TIBCO Software Inc.'s TIBCO iProcess Workspace (Browser) contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a Cross Site Request Forgery (CSRF) attack on the affected system. A successful attack using this vulnerability requires human interaction from an authenticated user other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO iProcess Workspace (Browser): versions 11.6.0 and below.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO iProcess Workspace (Browser)unspecified <= 11.6.0affected

Weaknesses

  • Successful execution of this vulnerability can result in unauthorized read, update, insert or delete access to some of the data in the affected system.

ADP Enrichment

CVE Program Container

Additional References

References