TIBCO Spotfire Server information disclosure vulnerabilities
CVE-2018-5436

6.5MEDIUM

Key Information:

Vendor: Tibco
Status: Tibco Spotfire Analytics Platform For Aws Marketplace; Tibco Spotfire Server
Vendor: CVE Published:; 27 June 2018

What is CVE-2018-5436?

The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Server: versions up to and including 7.8.1; 7.9.0; 7.10.0; 7.11.0; 7.12.0.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TIBCO Spotfire Analytics Platform for AWS Marketplace <= 7.12.0

TIBCO Spotfire Server <= 7.8.1

TIBCO Spotfire Server 7.9.0

References

https://www.tibco.com/support/advisories/2018/06/tibco-se...

x_refsource_CONFIRM

http://www.tibco.com/services/support/advisories

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 27, 2018
Vulnerability Reserved
Jan 12, 2018

JSON

Tibco