Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions. Additionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to arbitrary code execution
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XTibco Spotfire Analyst
APPTibco14.1.014.2.014.3.014.4.014.4.1< 14.0.6Tibco Spotfire Analytics Platform
APPTibco< 14.4.2Tibco Spotfire Deployment Kit
APPTibco14.1.014.2.014.3.014.4.014.4.1< 14.0.7Tibco Spotfire Desktop
APPTibco< 14.4.2Tibco Spotfire Enterprise Runtime For R
APPTibco1.18.01.19.01.20.01.21.01.21.1< 1.17.7< 6.1.5Tibco Spotfire Statistics Services
APPTibco14.1.014.2.014.3.014.4.014.4.1< 14.0.7
Related vulnerabilities
The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerabilit...
The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analyst, TIBCO Sp...
The web server component of TIBCO Software Inc's Spotfire Statistics Services contains multiple vulnerabilitie...
Multiple TIBCO Products are prone to multiple unspecified SQL-injection vulnerabilities because it fails to pr...
The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotf...