First published: Wed Apr 24 2019(Updated: )
The workspace client, openspace client, and app development client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contain a vulnerability wherein a malicious URL could trick a user into visiting a website of the attacker's choice. Affected releases are TIBCO Software Inc.'s TIBCO ActiveMatrix BPM: versions up to and including 4.2.0, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric: versions up to and including 4.2.0, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM: versions up to and including 1.4.1.
Credit: security@tibco.com security@tibco.com
Affected Software | Affected Version | How to fix |
---|---|---|
TIBCO ActiveMatrix BPM | <=4.2.0 | |
Tibco Activematrix Bpm | <=4.2.0 | |
Tibco Silver Fabric Enabler | <=1.4.1 | |
<=4.2.0 | ||
<=4.2.0 | ||
<=1.4.1 |
TIBCO has released updated versions of the affected components which address these issues. For each affected system, update to the corresponding software versions: TIBCO ActiveMatrix BPM versions 4.2.0 and below update to version 4.3.0 or higher TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric versions 4.2.0 and below update to 4.3.0 or higher TIBCO Silver Fabric Enabler for ActiveMatrix BPM versions 1.4.1 and below update to version 1.4.2 or higher
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.