Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2021

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2021
Last Modified 10 Jun 2011 10:37:32
Published 20 May 2011 06:55:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2021

Summary

Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.

Vulnerable Systems

Application

  • Tibco Iprocess Engine 10.3.0

  • Tibco Iprocess Engine 10.3.1

  • Tibco Iprocess Engine 10.3.2

  • Tibco Iprocess Engine 10.3.3

  • Tibco Iprocess Engine 10.3.4

  • Tibco Iprocess Engine 10.3.5

  • Tibco Iprocess Engine 10.4

  • Tibco Iprocess Engine 10.4.1

  • Tibco Iprocess Engine 10.5

  • Tibco Iprocess Engine 10.6

  • Tibco Iprocess Engine 10.6.0

  • Tibco Iprocess Engine 10.6.1

  • Tibco Iprocess Engine 10.6.2

  • Tibco Iprocess Engine 11.0

  • Tibco Iprocess Engine 11.1.1

  • Tibco Iprocess Engine 11.1.2

  • Tibco Iprocess Workspace 11.0

  • Tibco Iprocess Workspace 11.1

  • Tibco Iprocess Workspace 11.2

  • Tibco Iprocess Workspace 11.3


References

XF - iprocess-unspecified-session-hijacking(67538)

VUPEN - ADV-2011-1272

CONFIRM - http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp

CONFIRM - http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt

BID - 47921

SECUNIA - 44639

OSVDB - 72554


Last Updated: 27 May 2016 10:56:53