What is CVE-2021-28829?

CVE-2021-28829 is a vulnerability in the Administration GUI component of TIBCO Administrator - Enterprise Edition.

What is the severity of CVE-2021-28829?

CVE-2021-28829 has a severity level of high (8).

How can I fix CVE-2021-28829?

Apply the necessary patches or updates provided by TIBCO Software Inc. to fix CVE-2021-28829.

Where can I find more information about CVE-2021-28829?

You can find more information about CVE-2021-28829 in the TIBCO Security Advisory and the TIBCO support advisories.

Vulnerability/
CVE-2021-28829

high

CWE

20/4/2021

16/9/2024

CVE-2021-28829: TIBCO Administrator CSV injection vulnerability

Q: Which software versions are affected by CVE-2021-28829?

Versions up to and including 5.10.2 of TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, and TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric on z/Linux are affected.

First published: Tue Apr 20 2021(Updated: )

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a persistent CSV injection attack from the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.10.2 and below, and TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.11.0 and 5.11.1.

Credit: security@tibco.com

Affected Software	Affected Version	How to fix
Tibco Administrator	<=5.10.2
Tibco Administrator	<=5.10.2
Tibco Administrator	<=5.10.2
Tibco Administrator	=5.11.0
Tibco Administrator	=5.11.0
Tibco Administrator	=5.11.0
Tibco Administrator	=5.11.1
Tibco Administrator	=5.11.1
Tibco Administrator	=5.11.1

Remedy

TIBCO has released updated versions of the affected components which address these issues. TIBCO Administrator - Enterprise Edition versions 5.10.2 and below update to version 5.10.3 or higher TIBCO Administrator - Enterprise Edition versions 5.11.0 and 5.11.1 update to version 5.11.2 or higher TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric versions 5.10.2 and below update to version 5.10.3 or higher TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric versions 5.11.0 and 5.11.1 update to version 5.11.2 or higher TIBCO Administrator - Enterprise Edition for z/Linux versions 5.10.2 and below update to version 5.10.3 or higher TIBCO Administrator - Enterprise Edition for z/Linux versions 5.11.0 and 5.11.1 update to version 5.11.2 or higher

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-28829?
CVE-2021-28829 is a vulnerability in the Administration GUI component of TIBCO Administrator - Enterprise Edition.
What is the severity of CVE-2021-28829?
CVE-2021-28829 has a severity level of high (8).
Which software versions are affected by CVE-2021-28829?
Versions up to and including 5.10.2 of TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, and TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric on z/Linux are affected.
How can I fix CVE-2021-28829?
Apply the necessary patches or updates provided by TIBCO Software Inc. to fix CVE-2021-28829.
Where can I find more information about CVE-2021-28829?
You can find more information about CVE-2021-28829 in the TIBCO Security Advisory and the TIBCO support advisories.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/title
agent/severity
agent/author
agent/remedy
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/tibco
canonical/tibco administrator
version/tibco administrator/5.10.2
version/tibco administrator/5.11.0
version/tibco administrator/5.11.1

CVE-2021-28829: TIBCO Administrator CSV injection vulnerability

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-28829?

What is the severity of CVE-2021-28829?

Which software versions are affected by CVE-2021-28829?

How can I fix CVE-2021-28829?

Where can I find more information about CVE-2021-28829?

Company

Resources

Contact