TIBCO Spotfire Data Science Spoofing Vulnerability
CVE-2019-8989

5MEDIUM

Key Information:

Vendor: Tibco
Status: Tibco Data Science For Aws; Tibco Spotfire Data Science
Vendor: CVE Published:; 26 March 2019

What is CVE-2019-8989?

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Data Science for AWS: versions up to and including 6.4.0, and TIBCO Spotfire Data Science: versions up to and including 6.4.0.

Affected Version(s)

TIBCO Data Science for AWS <= 6.4.0

TIBCO Spotfire Data Science <= 6.4.0

References

http://www.tibco.com/services/support/advisories

x_refsource_MISC

https://www.tibco.com/support/advisories/2019/03/tibco-se...

x_refsource_MISC

http://www.securityfocus.com/bid/107608

vdb-entryx_refsource_BID

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2019
Vulnerability Reserved
Feb 21, 2019

Tibco

What is CVE-2019-8989?

Affected Version(s)

References

CVSS V3.1

Timeline