HIGH✓ PATCH🇬🇧 English

CVE-2019-11204

CVSS 8.8v3.1pub. 2019-05-14upd. 2024-11-21

The web interface component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that might theoretically allow an authenticated user to access sensitive information needed by the Spotfire Statistics Services server. The sensitive information that might be affected includes database, JMX, LDAP, Windows service account, and user credentials. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Statistics Services: versions up to and including 7.11.1; 10.0.0.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Tibco Spotfire Statistics Services

    APP
    Tibco
    10.0.0≤ 7.11.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2025-3115CRITICAL9.4PL ✓ten sam produkt

RCE w Tibco Spotfire — wstrzyknięcie kodu i nievalidowane nazwy plików

CVE-2023-29268CRITICAL9.8ten sam produkt

The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerabilit...

CVE-2018-12410CRITICAL9.8ten sam produkt

The web server component of TIBCO Software Inc's Spotfire Statistics Services contains multiple vulnerabilitie...

CVE-2021-23275HIGH8.8ten sam produkt

The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, T...

CVE-2021-28830HIGH8.8ten sam produkt

The TIBCO Spotfire Server and TIBCO Enterprise Runtime for R components of TIBCO Software Inc.'s TIBCO Enterpr...