Security Advisory

CVE-2019-11208

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-08 15:36:52

Last updated 2024-09-17 02:53:22

Assigner tibco

State PUBLISHED

Description

The authorization component of TIBCO Software Inc.s TIBCO API Exchange Gateway, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically processes OAuth authorization incorrectly, leading to potential escalation of privileges for the specific customer endpoint, when the implementation uses multiple scopes. This issue affects: TIBCO Software Inc.s TIBCO API Exchange Gateway version 2.3.1 and prior versions, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric version 2.3.1 and prior versions.

← Browse all CVEs View on cve.org ↗