Vulnerability Description
The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that allows authentication bypass due to a hard-coded secret used in the default realm server of the affected system. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.7.2 and below, TIBCO FTL - Developer Edition: versions 6.7.2 and below, and TIBCO FTL - Enterprise Edition: versions 6.7.2 and below.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| TIBCO | FTL | <= 6.7.2 |
References
- https://www.tibco.com/services/support/advisories (Vendor Advisory)
- https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january (Vendor Advisory)
FAQ
What is CVE-2021-43052?
CVE-2021-43052 is a vulnerability with a CVSS score of 9.3 (CRITICAL). The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that a...
How severe is CVE-2021-43052?
CVE-2021-43052 has been rated CRITICAL with a CVSS base score of 9.3/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-43052?
Check the references section above for vendor advisories and patch information. Affected products include: TIBCO FTL.