Vulnerability Description
The eFTL Server component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains an easily exploitable vulnerability that allows clients to inherit the permissions of the client that initially connected on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO eFTL - Community Edition: versions 6.7.2 and below, TIBCO eFTL - Developer Edition: versions 6.7.2 and below, and TIBCO eFTL - Enterprise Edition: versions 6.7.2 and below.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Eftl | <= 6.7.2 |
References
- https://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-januaryVendor Advisory
- https://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-januaryVendor Advisory
FAQ
What is CVE-2021-43055?
CVE-2021-43055 is a vulnerability with a CVSS score of 5.9 (MEDIUM). The eFTL Server component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains an easily exploitable vulnerability that...
How severe is CVE-2021-43055?
CVE-2021-43055 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-43055?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Eftl.