CVE-2022-22772

Summary

The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with network access to execute arbitrary code on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX: versions 8.1.0 and below and TIBCO Managed File Transfer Platform Server for z/Linux: versions 8.1.0 and below.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO Managed File Transfer Platform Server for UNIXunspecified <= 8.1.0affected
TIBCO Software Inc.TIBCO Managed File Transfer Platform Server for z/Linuxunspecified <= 8.1.0affected

Weaknesses

  • Successful execution of this vulnerability can result in a low privileged attacker gaining full user access to the affected system.

ADP Enrichment

CVE Program Container

Additional References

References