CVE-2025-11548
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-14
Last updated on: 2025-10-14
Assigner: TIBCO Software Inc.
Description
Description
A remote, unauthenticated privilege escalation in ibi WebFOCUS allows an attacker to gain administrative access to the application which may lead to unauthenticated Remote Code Execution
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tibco | webfocus | 4.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a remote, unauthenticated privilege escalation in ibi WebFOCUS that allows an attacker to gain administrative access to the application. This unauthorized access may further lead to remote code execution without authentication.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to gain administrative control over the ibi WebFOCUS application remotely without authentication, potentially leading to unauthorized actions, data compromise, and remote code execution on the affected system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70