Cross-Site Request Forgery (CSRF) Vulnerability in TIBCO FTL Server

CVE-2018-12412 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The realm server (tibrealmserver) component of TIBCO Software Inc. TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc. TIBCO FTL - Community Edition: versions up to and including 5.4.0, TIBCO FTL - Developer Edition: versions up to and including 5.4.0, TIBCO FTL - Enterprise Edition: versions up to and including 5.4.0.

Learn more about our Cis Benchmark Audit For Server Software.