CVE-2015-5711

Published: Sep 29, 2015Modified: May 6, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center before 7.2.5, Slingshot before 1.9.4, and Vault before 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request.

Affected (4)

Products: Tibco: Managed File Transfer Internet Server, Vault, Managed File Transfer Command Center, Slingshot

Tibco

4 products

Managed File Transfer Internet Server

Vault

Managed File Transfer Command Center

Slingshot

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Managed File Transfer Internet Server	Up to 7.2.4

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Vault	Up to 2.0.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Managed File Transfer Command Center	Up to 7.2.4

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Slingshot	Up to 1.9.3

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.securitytracker.com/id/1033678

Source: cve@mitre.org

http://www.tibco.com/assets/blt423f06fbac6ee0c6/2015-003-advisory.txt

Source: cve@mitre.org

Vendor Advisory

http://www.tibco.com/mk/advisory.jsp

Source: cve@mitre.org

Vendor Advisory

http://www.securitytracker.com/id/1033678

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.tibco.com/assets/blt423f06fbac6ee0c6/2015-003-advisory.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.tibco.com/mk/advisory.jsp

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.