TIBCO Administrator Stored Cross Site Scripting vulnerability 漏洞信息(CVE-2021-28827)

一、漏洞 CVE-2021-28827 基础信息

漏洞标题

TIBCO Administrator 存储型跨站脚本漏洞

来源：AIGC 神龙大模型

漏洞描述信息

TIBCO Administrator 存储型跨站脚本漏洞

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

来源：AIGC 神龙大模型

漏洞类别

N/A

来源：AIGC 神龙大模型

漏洞标题

TIBCO Administrator Stored Cross Site Scripting vulnerability

来源：美国国家漏洞数据库 NVD

漏洞描述信息

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, TIBCO Administrator - Enterprise Edition for z/Linux, TIBCO Runtime Agent, TIBCO Runtime Agent, TIBCO Runtime Agent for z/Linux, and TIBCO Runtime Agent for z/Linux contains an easily exploitable vulnerability that allows an unauthenticated attacker to social engineer a legitimate user with network access to execute a Stored XSS attack targeting the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.11.0 and 5.11.1, TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.10.2 and below, TIBCO Administrator - Enterprise Edition for z/Linux: versions 5.11.0 and 5.11.1, TIBCO Runtime Agent: versions 5.10.2 and below, TIBCO Runtime Agent: versions 5.11.0 and 5.11.1, TIBCO Runtime Agent for z/Linux: versions 5.10.2 and below, and TIBCO Runtime Agent for z/Linux: versions 5.11.0 and 5.11.1.

来源：美国国家漏洞数据库 NVD

CVSS信息

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

Tibco Software TIBCO Administrator and Tibco Software TIBCO Runtime Agent 跨站脚本漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Tibco Software TIBCO Administrator和Tibco Software TIBCO Runtime Agent都是美国Tibco Software公司的产品。Tibco Software TIBCO Administrator是一个应用程序。用于管理用户，监视计算机并部署使用TIBCO产品的应用程序。Tibco Software TIBCO Runtime Agent是一个应用程序。用于TIBCO软件和第三方软件的捆绑。 TIBCO Software 存在安全漏洞，攻击者可利用

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

跨站脚本

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2021-28827 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2021-28827 的情报信息

http://www.tibco.com/services/support/advisories x_refsource_CONFIRM
https://www.tibco.com/support/advisories/2021/04/tibco-security-advisory-april-20-2021-tibco-administrator-2021-28827 x_refsource_CONFIRM
https://nvd.nist.gov/vuln/detail/CVE-2021-28827

一、 漏洞 CVE-2021-28827 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2021-28827 的公开POC

三、漏洞 CVE-2021-28827 的情报信息

一、漏洞 CVE-2021-28827 基础信息