Jump to content
The TIBCO Platform is a real-time, composable data platform that will bring together an evolving set of your TIBCO solutions - and it's available now! See more information here ×

TIBCO released a security advisory for BW, is there any impact on BW 5.x due to this


Harish Yadav

Recommended Posts

TIBCO just released the security advisory for business works.

https://www.tibco.com/support/advisories/2019/04/tibco-security-advisory...

is there any impact on BW 5.x due to this

-------------------------------------------------------------------------------------------------------------------------

Systems Affected

 

TIBCO ActiveMatrix BusinessWorks versions 6.4.2 and below

 

The following component is affected:

 

HTTP Connector

 

Description

 

The component listed above contains a vulnerability that theoretically allows unauthenticated HTTP requests to be processed by the BusinessWorks engine even when authentication is required. This possibility is restricted to circumstances where HTTP "Basic Authentication" policy is used in conjunction with an XML Authentication resource. The BusinessWorks engine might instead use credentials from a prior HTTP request for authorization purposes.

 

------------------------------------------------------------------------------------------------------------------------

Thanks,

Harry

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...