Vulnerability Description
The GridServer Broker and GridServer Director components of TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an unauthenticated user to perform cross-site request forgery (CSRF). Affected releases are TIBCO Software Inc. TIBCO DataSynapse GridServer Manager: versions up to and including 5.2.0; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; 6.2.0; 6.3.0.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Datasynapse Gridserver Manager | <= 5.2.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105913Third Party AdvisoryVDB Entry
- https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-novembeVendor Advisory
- http://www.securityfocus.com/bid/105913Third Party AdvisoryVDB Entry
- https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-novembeVendor Advisory
FAQ
What is CVE-2018-12416?
CVE-2018-12416 is a vulnerability with a CVSS score of 7.1 (HIGH). The GridServer Broker and GridServer Director components of TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an unauthenticated user to perform cross-...
How severe is CVE-2018-12416?
CVE-2018-12416 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-12416?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Datasynapse Gridserver Manager.