Manoj Chaurasia Posted May 15, 2014 Share Posted May 15, 2014 i'd like to know more about the MFT security advistory, CVE-2014-2545. So far we know this: "CVE-2014-2545 TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request." "CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/AU:N/C:P/I:N/A:N) (legend) " Obviously I'll follow the advise and update to 7.2.2. It is rated a MEDIUM - but some more information will helpassess the urgency. - The vulnerability refers to HTTP requests. Are HTTPS connections affected - Is this in any way related to Heartbleed Are private keys exposedWill I have to re-generated my SSL keys as part of my overall upgrade procedure Link to comment Share on other sites More sharing options...
Donald Johnson Posted October 2, 2019 Share Posted October 2, 2019 Please refer toTIBCO Securityfor these issues. It has links to all of this type of information and TIBCO's Security Policies and Procedures. It also provides the relevant contact information for security related issues. Due to the potential impact, we don't detail these issues in TIBCO Community. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now