Loading
The TIBCO Data Virtualization Server component of TIBCO Software Inc.'s TIBCO Data Virtualization and TIBCO Data Virtualization for AWS Marketplace contains a vulnerability that theoretically allows a malicious authenticated user to download any arbitrary file from the affected system. The user must be authenticated and have privileges required to monitor the server in an operational capacity. Affected releases are TIBCO Software Inc.'s TIBCO Data Virtualization: versions 7.0.8 and below, versions 8.0.0, 8.1.0, 8.1.1, and 8.2.0 and TIBCO Data Virtualization for AWS Marketplace: versions 8.2.0 and below.
Use Tibco vendor hub and Data Virtualization product page to widen CVE-2020-9415 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2018-5428, CVE-2022-30570 and CVE-2021-35500 for nearby disclosures in the same product family.