CVE-2017-5536
Last modified
CVE-2017-5536 is a vulnerability of currently unknown severity. The GridServer Broker, and GridServer Director components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS). EPSS estimates a 0.68% chance of exploitation in the next 30 days.
Description
The GridServer Broker, and GridServer Director components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS). In addition, an authenticated user could be a victim of a cross-site request forgery (CSRF) attack. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Datasynapse Gridserver Manager | <= 5.1.3 |
| Tibco | Datasynapse Gridserver Manager | 6.0.0 |
| Tibco | Datasynapse Gridserver Manager | 6.0.1 |
| Tibco | Datasynapse Gridserver Manager | 6.0.2 |
| Tibco | Datasynapse Gridserver Manager | 6.1.0 |
| Tibco | Datasynapse Gridserver Manager | 6.1.1 |
| Tibco | Datasynapse Gridserver Manager | 6.2.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-5536?
How severe is CVE-2017-5536?
How do I fix CVE-2017-5536?
Are you affected by CVE-2017-5536?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST