Remote Code Execution (RCE) Vulnerability in TIBCO Managed File Transfer Platform Server for UNIX and z/Linux

Remote Code Execution (RCE) Vulnerability in TIBCO Managed File Transfer Platform Server for UNIX and z/Linux

CVE-2022-22772 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with network access to execute arbitrary code on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX: versions 8.1.0 and below and TIBCO Managed File Transfer Platform Server for z/Linux: versions 8.1.0 and below.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.