CVE-2023-26215

Summary

The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that allows an attacker with low-privileged application access to read system files that are accessible to the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO EBX Add-ons0 <= 4.5.16affected

Weaknesses

  • Any application user can potentially read files that would normally only be accessible by server administrators.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References