- Added submission from TIBCO from 2017-10-17.

2025-12-15 12:22:09 +00:00 · 2017-10-17 15:09:26 -04:00 · 2017-10-17 15:09:26 -04:00 · 9bf45b775f
commit 9bf45b775f
parent e28cd11784
1 changed files with 81 additions and 3 deletions
--- a/2017/5xxx/CVE-2017-5531.json
+++ b/2017/5xxx/CVE-2017-5531.json
@ -1,8 +1,49 @@
 {
   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
+      "ASSIGNER" : "security@tibco.com",
+      "DATE_PUBLIC" : "2017-10-17T09:00:00-07",
      "ID" : "CVE-2017-5531",
-      "STATE" : "RESERVED"
+      "STATE" : "PUBLIC",
+      "TITLE" : "TIBCO Managed File Transfer privilege escalation vulnerabilities"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "TIBCO Managed File Transfer Command Center",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "8.0.0"
+                              },
+                              {
+                                 "version_value" : "8.0.1"
+                              }
+                           ]
+                        }
+                     },
+                     {
+                        "product_name" : "TIBCO Managed File Transfer Internet Server",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "8.0.0"
+                              },
+                              {
+                                 "version_value" : "8.0.1"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "TIBCO Software Inc."
+            }
+         ]
+      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
@ -11,7 +52,44 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            "value" : "Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain administrative control of Managed File Transfer web applications."
+         }
+      ]
+   },
+   "impact" : {
+      "cvssv3" : {
+         "BM" : {
+            "A" : "H",
+            "AC" : "L",
+            "AV" : "N",
+            "C" : "H",
+            "I" : "H",
+            "PR" : "L",
+            "S" : "U",
+            "SCORE" : "8.0",
+            "UI" : "R"
+         }
+      }
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "privilege escalation"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "url" : "http://www.tibco.com/services/support/advisories"
+         },
+         {
+            "url" : "https://www.tibco.com/support/advisories/2017/10/tibco-security-advisory-october-17-2017-tibco-managed-file-transfer"
         }
      ]
   }