The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with network access to execute arbitrary code on the affected system. Affected releases are TIBCO Software Inc.s TIBCO Managed File Transfer Platform Server for UNIX: versions 8.1.0 and below and TIBCO Managed File Transfer Platform Server for z/Linux: versions 8.1.0 and below.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Managed_file_transfer_platform_server | Tibco | * | 8.1.1 (excluding) |
References
- https://www.tibco.com/services/support/advisories
- https://www.tibco.com/support/advisories/2022/03/tibco-security-advisory-march-30-2022-tibco-managed-file-transfer-2022-22772
- https://www.tibco.com/services/support/advisories
- https://www.tibco.com/support/advisories/2022/03/tibco-security-advisory-march-30-2022-tibco-managed-file-transfer-2022-22772