TIBCO ActiveMatrix BusinessWorks Injection Vulnerability_CVE-2026-3912

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Description

Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows information disclosure, including exposure of accessible local files and host system details, and may allow manipulation of application behaviour.

Basic Information

ID CVE-2026-3912

Source tibco

Published Mar 24, 2026 at 20:44

Modified Mar 25, 2026 at 13:33

Affected Product

Vendor Tibco

Product ActiveMatrix BusinessWorks

Version 6.12.0

Affected Versions Tibco ActiveMatrix BusinessWorks 6.12.0
Tibco ActiveMatrix BusinessWorks 6.11.0
Tibco ActiveMatrix BusinessWorks 6.10.0
Tibco ActiveMatrix BusinessWorks 6.9.1
Tibco Enterprise Administrator 2.4.3

CWE Classification

CWE-20

References

community.tibco.com /advisories/tibco-security-advisory-march-24-2026-tibco-activematrix-businessworks-cve-2026-3912-r227/

{
    "lastseen": "",
    "description": "Injection vulnerabilities due to validation/sanitisation of user-supplied input in\u00a0ActiveMatrix BusinessWorks and\u00a0Enterprise Administrator allows\u00a0information disclosure, including exposure of accessible local files and host system details, and may allow manipulation of application behaviour.",
    "published": "2026-03-24T20:44:06.781Z",
    "modified": "2026-03-25T13:33:23.189Z",
    "type": "cve",
    "title": "TIBCO ActiveMatrix BusinessWorks Injection Vulnerability",
    "source": "tibco",
    "references": "https://community.tibco.com/advisories/tibco-security-advisory-march-24-2026-tibco-activematrix-businessworks-cve-2026-3912-r227/",
    "id": "CVE-2026-3912",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "Tibco ActiveMatrix BusinessWorks 6.12.0\nTibco ActiveMatrix BusinessWorks 6.11.0\nTibco ActiveMatrix BusinessWorks 6.10.0\nTibco ActiveMatrix BusinessWorks 6.9.1\nTibco Enterprise Administrator 2.4.3",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ActiveMatrix BusinessWorks",
    "version": "6.12.0",
    "vendor": "Tibco",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}