TIBCO takes its security responsibilities very seriously. This page provides information about TIBCO security and how customers or security researchers can contact TIBCO to report or ask about a security issue.
TIBCO Security Advisory: November 17, 2015 - TIBCO LogLogic®
The TIBCO LogLogic Unity components listed above contain a vulnerability in the handling of HTTP requests which may result in escalation of privilege.
TIBCO has released updated versions of the affected software products which address these issues. TIBCO strongly recommends sites running the affected components install the applicable update as described below.
TIBCO LogLogic Unity 1.1.0 and earlier
The following components are affected:
- TIBCO LogLogic Unity Web Server
The impact of this vulnerability is escalation of privilege resulting in information disclosure.
CVSS v2 Base Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
For each affected system, update to the corresponding software versions:
- TIBCO LogLogic Unity 1.1.1 or higher