CVE-2018-18810 Vulnerability Details

  /     /     /  

CVE-2018-18810 Metadata Quick Info

CVE Published: 11/12/2018 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: tibco | Vendor: TIBCO Software Inc. | Product: TIBCO Managed File Transfer Command Center
Status : PUBLISHED

---

CVE-2018-18810 Description

The Administrator Service component of TIBCO Software Inc.\'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems. Affected releases are TIBCO Software Inc.\'s TIBCO Managed File Transfer Command Center: versions up to and including 7.3.2; 8.0.0; 8.0.1; 8.0.2; 8.1.0, and TIBCO Managed File Transfer Internet Server: versions up to and including 7.3.2; 8.0.0; 8.0.1; 8.0.2; 8.1.0.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: The impact of this vulnerability includes the theoretical possibility that an authenticated user with specific kinds of privileges could view credentials used to access other services, when they should not be able to do so.
Source: TIBCO Software Inc.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).