CVE-2021-43055

Summary

The eFTL Server component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains an easily exploitable vulnerability that allows clients to inherit the permissions of the client that initially connected on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO eFTL - Community Edition: versions 6.7.2 and below, TIBCO eFTL - Developer Edition: versions 6.7.2 and below, and TIBCO eFTL - Enterprise Edition: versions 6.7.2 and below.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO eFTL - Community Editionunspecified <= 6.7.2affected
TIBCO Software Inc.TIBCO eFTL - Developer Editionunspecified <= 6.7.2affected
TIBCO Software Inc.TIBCO eFTL - Enterprise Editionunspecified <= 6.7.2affected

Weaknesses

  • Successful execution of this vulnerability can result in an attacker gaining full access to communication on an existing channel on the affected system.

ADP Enrichment

CVE Program Container

Additional References

References