CVE-2024-1138

Summary

The FTL Server component of TIBCO Software Inc.'s TIBCO FTL - Enterprise Edition contains a vulnerability that allows a low privileged attacker with network access to execute a privilege escalation on the affected ftlserver. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Enterprise Edition: versions 6.10.1 and below.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO FTL - Enterprise Edition0 <= 6.10.1affected

Weaknesses

  • Successful exploitation of this vulnerability may result in an authenticated but unprivileged user arbitrarily reconfiguring FTL clients attached to the same ftlserver.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References