wid-sec-w-2026-0842
·
Published 2026-03-24
·
View on BSI CERT-Bund ↗
TIBCO ActiveMatrix: Vulnerability allows Offenlegung from Informationen and Manipulation from Daten
CVSS 8.7
HIGH
Risk Summary
Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows information disclosure, including exposure of accessible local files and host system details, and may allow manipulation of application behaviour.
CVEs (1)
Affected Vendors
TIBCO
Affected Products (10)
TIBCO
·
ActiveMatrix
BusinessWorks <6.12.0 HF1
TIBCO
·
ActiveMatrix
BusinessWorks 6.12.0 HF1
TIBCO
·
ActiveMatrix
BusinessWorks <6.11.0 HF4
TIBCO
·
ActiveMatrix
BusinessWorks 6.11.0 HF4
TIBCO
·
ActiveMatrix
BusinessWorks <6.10.0 HF6
TIBCO
·
ActiveMatrix
BusinessWorks 6.10.0 HF6
TIBCO
·
ActiveMatrix
BusinessWorks <6.9.1 HF8
TIBCO
·
ActiveMatrix
BusinessWorks 6.9.1 HF8
TIBCO
·
Administrator
Enterprise <2.4.3 HF2
TIBCO
·
Administrator
Enterprise 2.4.3 HF2
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more