CVE-2020-27147

Published: Dic 15, 2020 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2020-19671 Aliases: GSD-2020-27147
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: none
MEDIUM 6,4
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: none

Description

AI Translation Available

The REST API component of TIBCO Software Inc.'s TIBCO PartnerExpress contains a vulnerability that theoretically allows an unauthenticated attacker with network access to obtain an authenticated login URL for the affected system via a REST API. Affected releases are TIBCO Software Inc.'s TIBCO PartnerExpress: version 6.2.0.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0027
Percentile
0,5th
Updated

EPSS Score Trend (Last 90 Days)

Application

Partnerexpress by Tibco

Product Information
Vendor Tibco
Product Partnerexpress
Version 6.2.0
cpe:2.3:a:tibco:partnerexpress:6.2.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.tibco.com/support/advisories/2020/12/tibco-secu…
Vendor Advisory
https://www.tibco.com/support/advisories/2020/12/tibco-security-advisory-decemb…
http://www.tibco.com/services/support/advisories
Vendor Advisory
http://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2020/12/tibco-secu…
Vendor Advisory
https://www.tibco.com/support/advisories/2020/12/tibco-security-advisory-decemb…
http://www.tibco.com/services/support/advisories
Vendor Advisory
http://www.tibco.com/services/support/advisories