CVE-2017-5531

Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain administrative control of Managed File Transfer web applications.

Published: Oct 17, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-5531
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
tibco / managed_file_transfer_internet_server	8.0.0	8.0.0.x
tibco / managed_file_transfer_internet_server	8.0.1	8.0.1.x
tibco / managed_file_transfer_command_center	8.0.1	8.0.1.x
tibco / managed_file_transfer_command_center	8.0.0	8.0.0.x

http://www.securityfocus.com/bid/101545
http://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2017/10/tibco-security-advisory-october-17-2017-tibco-managed-file-transfer

Vulnerability Database

CVE-2017-5531