1. Home
  2. CVE Database
  3. CVE-2017-5535
MEDIUM · 6.8

CVE-2017-5535

The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encry...

Vulnerability Description

The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise the traffic between any of the components. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0.

CVSS Score

6.8

MEDIUM

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
TibcoDatasynapse Gridserver Manager<= 5.1.3

Related Weaknesses (CWE)

CWE-326

References

FAQ

What is CVE-2017-5535?

CVE-2017-5535 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encry...

How severe is CVE-2017-5535?

CVE-2017-5535 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-5535?

Check the references section above for vendor advisories and patch information. Affected products include: Tibco Datasynapse Gridserver Manager.