Arbitrary file upload in Tibco Activematrix_bpm

CVE-2019-8992

The administrative server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Servic…

Vulnerability class: Unrestricted File Upload

EPSS: 0.022 (80.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2019-8992?
CVE-2019-8992 is a high-severity vulnerability in Tibco Activematrix_bpm, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 8.8/10. Published 2019-04-24.
How severe is CVE-2019-8992?
High severity. CVSS v3 base score is 8.8 out of 10.