TIBCO ActiveMatrix Vulnerability Allows Data Disclosure and Manipulation
Summary
CERT-Bund has issued a security advisory for TIBCO ActiveMatrix and TIBCO Administrator, detailing a critical vulnerability (CVSS 9.9) that allows remote authenticated attackers to disclose and manipulate data. The advisory affects specific versions of TIBCO ActiveMatrix BusinessWorks and TIBCO Administrator Enterprise.
What changed
CERT-Bund has published a critical security advisory (WID-SEC-2026-0842) concerning TIBCO ActiveMatrix and TIBCO Administrator. The vulnerability, rated CVSS 9.9, allows remote authenticated attackers to exploit flaws to disclose sensitive information and manipulate data. Affected products include specific versions of TIBCO ActiveMatrix BusinessWorks (versions prior to 6.12.0 HF1, 6.11.0 HF4, 6.10.0 HF6, and 6.9.1 HF8) and TIBCO Administrator Enterprise (versions prior to 2.4.3 HF2).
Organizations utilizing these TIBCO products on Linux, UNIX, or Windows operating systems should immediately assess their exposure and apply available mitigations. The advisory indicates that remote, authenticated attacks are possible, emphasizing the need for prompt action to prevent data breaches and system compromise. While specific patch information is not detailed in this advisory, users are urged to consult TIBCO's security advisories for the latest updates and remediation steps.
What to do next
- Assess TIBCO ActiveMatrix and TIBCO Administrator installations for affected versions.
- Apply available security patches and mitigations provided by TIBCO.
- Review access controls for authenticated users to sensitive TIBCO systems.
Archived snapshot
Mar 25, 2026GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.
[WID-SEC-2026-0842] TIBCO ActiveMatrix: Schwachstelle ermöglicht Offenlegung von Informationen und Manipulation von Daten CVSS Base Score 9.9 (kritisch) CVSS Temporal Score 8.6 (hoch) Remoteangriff ja Datum 24.03.2026 Stand 25.03.2026 Mitigation ja
Betroffene Systeme
Betriebssystem
- Linux
- UNIX
- Windows
Produktbeschreibung
TIBCO ActiveMatrix ist eine Sammlung von einzelnen Tools zum Design, zur Integration und zur Entwicklung von Geschäftsprozessen auf der Basis von SOA (service-oriented architecture).
TIBCO Administrator ist ein Administrationswerkzeug für viele Produkte des Herstellers TIBCO.
Produkte
24.03.2026
- TIBCO ActiveMatrix BusinessWorks <6.12.0 HF1
TIBCO ActiveMatrix BusinessWorks <6.11.0 HF4
TIBCO ActiveMatrix BusinessWorks <6.10.0 HF6
TIBCO ActiveMatrix BusinessWorks <6.9.1 HF8
TIBCO Administrator Enterprise <2.4.3 HF2
Angriff
Angriff
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in TIBCO ActiveMatrix und TIBCO Administrator ausnutzen, um Informationen offenzulegen, und um Daten zu manipulieren. CVE Informationen Versionshistorie Feedback zum Advisory geben
Related changes
Get daily alerts for CERT-Bund Security Advisories
Daily digest delivered to your inbox.
Free. Unsubscribe anytime.
Source
About this page
Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission
Source document text, dates, docket IDs, and authority are extracted directly from CERT-Bund.
The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.
Classification
Who this affects
Taxonomy
Browse Categories
Get alerts for this source
We'll email you when CERT-Bund Security Advisories publishes new changes.
Subscribed!
Optional. Filters your digest to exactly the updates that matter to you.