Yesterday TIBCO announced security vulnerability in TIBCO ActiveMatrix Products. ActiveMatrix Runtime and Administrator components contain a critical vulnerability in the handling of JMX connections. An attacker with access to an affected system could gain administrative control over the system, allowing the attacker to execute arbitrary code on any host that is a participant in the system.

TIBCO has released updated versions of the affected software products. If an upgrade is not possible, use a firewall to restrict access to the ActiveMatrix Runtime and Administrator components.

Additional information and list of affected products versions here.