Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for iprocess_workspace by tibco

    CVE-2011-2021 (GCVE-0-2011-2021)

    Vulnerability from nvd – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:46
    VLAI
    Summary
    Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.tibco.com/services/support/advisories/… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/47921 vdb-entryx_refsource_BID
    http://osvdb.org/72554 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2011/1272 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/44639 third-party-advisoryx_refsource_SECUNIA
    http://www.tibco.com/multimedia/iprocess_advisory… x_refsource_CONFIRM
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:46:00.920Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
              },
              {
                "name": "iprocess-unspecified-session-hijacking(67538)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67538"
              },
              {
                "name": "47921",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47921"
              },
              {
                "name": "72554",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/72554"
              },
              {
                "name": "ADV-2011-1272",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1272"
              },
              {
                "name": "44639",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44639"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
            },
            {
              "name": "iprocess-unspecified-session-hijacking(67538)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67538"
            },
            {
              "name": "47921",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47921"
            },
            {
              "name": "72554",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/72554"
            },
            {
              "name": "ADV-2011-1272",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1272"
            },
            {
              "name": "44639",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44639"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-2021",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
                },
                {
                  "name": "iprocess-unspecified-session-hijacking(67538)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67538"
                },
                {
                  "name": "47921",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47921"
                },
                {
                  "name": "72554",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/72554"
                },
                {
                  "name": "ADV-2011-1272",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/1272"
                },
                {
                  "name": "44639",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44639"
                },
                {
                  "name": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-2021",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:46:00.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2020 (GCVE-0-2011-2020)

    Vulnerability from nvd – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:46
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.tibco.com/services/support/advisories/… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/47921 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2011/1272 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/44639 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/72553 vdb-entryx_refsource_OSVDB
    http://www.tibco.com/multimedia/iprocess_advisory… x_refsource_CONFIRM
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:46:00.936Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
              },
              {
                "name": "iprocess-unspecified-xss(67537)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67537"
              },
              {
                "name": "47921",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47921"
              },
              {
                "name": "ADV-2011-1272",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1272"
              },
              {
                "name": "44639",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44639"
              },
              {
                "name": "72553",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/72553"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
            },
            {
              "name": "iprocess-unspecified-xss(67537)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67537"
            },
            {
              "name": "47921",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47921"
            },
            {
              "name": "ADV-2011-1272",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1272"
            },
            {
              "name": "44639",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44639"
            },
            {
              "name": "72553",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/72553"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-2020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
                },
                {
                  "name": "iprocess-unspecified-xss(67537)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67537"
                },
                {
                  "name": "47921",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47921"
                },
                {
                  "name": "ADV-2011-1272",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/1272"
                },
                {
                  "name": "44639",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44639"
                },
                {
                  "name": "72553",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/72553"
                },
                {
                  "name": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-2020",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:46:00.936Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2020 (GCVE-0-2011-2020)

    Vulnerability from cvelistv5 – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:46
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.tibco.com/services/support/advisories/… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/47921 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2011/1272 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/44639 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/72553 vdb-entryx_refsource_OSVDB
    http://www.tibco.com/multimedia/iprocess_advisory… x_refsource_CONFIRM
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:46:00.936Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
              },
              {
                "name": "iprocess-unspecified-xss(67537)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67537"
              },
              {
                "name": "47921",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47921"
              },
              {
                "name": "ADV-2011-1272",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1272"
              },
              {
                "name": "44639",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44639"
              },
              {
                "name": "72553",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/72553"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
            },
            {
              "name": "iprocess-unspecified-xss(67537)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67537"
            },
            {
              "name": "47921",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47921"
            },
            {
              "name": "ADV-2011-1272",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1272"
            },
            {
              "name": "44639",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44639"
            },
            {
              "name": "72553",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/72553"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-2020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
                },
                {
                  "name": "iprocess-unspecified-xss(67537)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67537"
                },
                {
                  "name": "47921",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47921"
                },
                {
                  "name": "ADV-2011-1272",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/1272"
                },
                {
                  "name": "44639",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44639"
                },
                {
                  "name": "72553",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/72553"
                },
                {
                  "name": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-2020",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:46:00.936Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2021 (GCVE-0-2011-2021)

    Vulnerability from cvelistv5 – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:46
    VLAI
    Summary
    Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.tibco.com/services/support/advisories/… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/47921 vdb-entryx_refsource_BID
    http://osvdb.org/72554 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2011/1272 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/44639 third-party-advisoryx_refsource_SECUNIA
    http://www.tibco.com/multimedia/iprocess_advisory… x_refsource_CONFIRM
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:46:00.920Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
              },
              {
                "name": "iprocess-unspecified-session-hijacking(67538)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67538"
              },
              {
                "name": "47921",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47921"
              },
              {
                "name": "72554",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/72554"
              },
              {
                "name": "ADV-2011-1272",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/1272"
              },
              {
                "name": "44639",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44639"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
            },
            {
              "name": "iprocess-unspecified-session-hijacking(67538)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67538"
            },
            {
              "name": "47921",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47921"
            },
            {
              "name": "72554",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/72554"
            },
            {
              "name": "ADV-2011-1272",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/1272"
            },
            {
              "name": "44639",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44639"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-2021",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp"
                },
                {
                  "name": "iprocess-unspecified-session-hijacking(67538)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67538"
                },
                {
                  "name": "47921",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47921"
                },
                {
                  "name": "72554",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/72554"
                },
                {
                  "name": "ADV-2011-1272",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/1272"
                },
                {
                  "name": "44639",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44639"
                },
                {
                  "name": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-2021",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:46:00.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }