### [CVE-2021-28829](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28829)
![](https://img.shields.io/static/v1?label=Product&message=TIBCO%20Administrator%20-%20Enterprise%20Edition%20Distribution%20for%20TIBCO%20Silver%20Fabric&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=TIBCO%20Administrator%20-%20Enterprise%20Edition%20for%20z%2FLinux&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=TIBCO%20Administrator%20-%20Enterprise%20Edition&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=5.11.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.11.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Successful%20execution%20of%20this%20vulnerability%20provides%20the%20attacker%20with%20the%20ability%20to%20exploit%20the%20inherent%20trust%20an%20end-user%20has%20in%20the%20affected%20system%20and%20may%20allow%20an%20attacker%20to%3A-%20Infect%20end%20users%20with%20viruses%20or%20malware-%20Gain%20control%20over%20an%20end-user's%20computer%20and%20execute%20operating%20system%20commands-%20Steal%20sensitive%20information-%20Forge%2C%20spoof%20or%20modify%20data%20that%20appears%20to%20be%20generated%20by%20the%20affected%20system.&color=brightgreen)
### Description
The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low-privileged attacker with network access to execute a persistent CSV injection attack from the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.10.2 and below, and TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.11.0 and 5.11.1.
### POC
#### Reference
- http://www.tibco.com/services/support/advisories
#### Github
No PoCs found on GitHub currently.