What is the severity of CVE-2019-11203?

CVE-2019-11203 has been categorized with a high severity due to its potential for cross site scripting attacks.

How do I fix CVE-2019-11203?

To fix CVE-2019-11203, users should update TIBCO ActiveMatrix BPM, TIBCO Silver Fabric, and related software to their latest versions.

What types of attacks are possible with CVE-2019-11203?

CVE-2019-11203 allows attackers to perform cross site scripting (XSS) attacks, potentially compromising user data.

Which TIBCO products are affected by CVE-2019-11203?

CVE-2019-11203 affects TIBCO ActiveMatrix BPM and TIBCO Silver Fabric, including versions up to 4.2.0 and 1.4.1 respectively.

Is a workaround available for CVE-2019-11203?

No official workaround has been provided for CVE-2019-11203, hence updating to the secure version is recommended.

Vulnerability/
CVE-2019-11203

high

8.8

CWE

79 352

24/4/2019

4/8/2024

CVE-2019-11203: TIBCO ActiveMatrix BPM Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities

First published: Wed Apr 24 2019(Updated: )

The workspace client, openspace client, app development client, and REST API of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contain cross site scripting (XSS) and cross-site request forgery vulnerabilities. Affected releases are TIBCO Software Inc.'s TIBCO ActiveMatrix BPM: versions up to and including 4.2.0, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric: versions up to and including 4.2.0, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM: versions up to and including 1.4.1.

Credit: security@tibco.com

Affected Software	Affected Version	How to fix
TIBCO ActiveMatrix Business Process Management	<=4.2.0
TIBCO ActiveMatrix Business Process Management	<=4.2.0
TIBCO Silver Fabric Enabler	<=1.4.1

Remedy

TIBCO has released updated versions of the affected components which address these issues. For each affected system, update to the corresponding software versions: TIBCO ActiveMatrix BPM versions 4.2.0 and below update to version 4.3.0 or higher TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric versions 4.2.0 and below update to 4.3.0 or higher TIBCO Silver Fabric Enabler for ActiveMatrix BPM versions 1.4.1 and below update to version 1.4.2 or higher

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-11203?
CVE-2019-11203 has been categorized with a high severity due to its potential for cross site scripting attacks.
How do I fix CVE-2019-11203?
To fix CVE-2019-11203, users should update TIBCO ActiveMatrix BPM, TIBCO Silver Fabric, and related software to their latest versions.
What types of attacks are possible with CVE-2019-11203?
CVE-2019-11203 allows attackers to perform cross site scripting (XSS) attacks, potentially compromising user data.
Which TIBCO products are affected by CVE-2019-11203?
CVE-2019-11203 affects TIBCO ActiveMatrix BPM and TIBCO Silver Fabric, including versions up to 4.2.0 and 1.4.1 respectively.
Is a workaround available for CVE-2019-11203?
No official workaround has been provided for CVE-2019-11203, hence updating to the secure version is recommended.

agent/weakness
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/author
agent/remedy
agent/title
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/tibco
canonical/tibco activematrix business process management
version/tibco activematrix business process management/4.2.0
canonical/tibco silver fabric enabler
version/tibco silver fabric enabler/1.4.1