CVE-2020-27147

Summary

The REST API component of TIBCO Software Inc.'s TIBCO PartnerExpress contains a vulnerability that theoretically allows an unauthenticated attacker with network access to obtain an authenticated login URL for the affected system via a REST API. Affected releases are TIBCO Software Inc.'s TIBCO PartnerExpress: version 6.2.0.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO PartnerExpress6.2.0affected

Weaknesses

  • Successful execution of this vulnerability can result in unauthorized read access to a subset of PartnerExpress data, as well as unauthorized update, insert or delete access to a subset of PartnerExpress data on the affected system.

ADP Enrichment

CVE Program Container

Additional References

References