Vulnerability Description
The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a difficult to exploit vulnerability that allows an unauthenticated attacker with network access to obtain the cluster secret of another application connected to the realm server. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.7.2 and below, TIBCO FTL - Developer Edition: versions 6.7.2 and below, and TIBCO FTL - Enterprise Edition: versions 6.7.2 and below.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Ftl | <= 6.7.2 |
References
- https://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-januaryVendor Advisory
- https://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-januaryVendor Advisory
FAQ
What is CVE-2021-43053?
CVE-2021-43053 is a vulnerability with a CVSS score of 8.5 (HIGH). The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a difficult to exploit vulnerability that ...
How severe is CVE-2021-43053?
CVE-2021-43053 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-43053?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Ftl.