PT-2017-16558 · Tibco · Tibco Spotfire Analytics Platform For Aws Marketplace+1
Publicado
2017-05-09
·
Atualizado
2017-05-23
·
CVE-2017-5527
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TIBCO Spotfire Server versions 7.0.0 through 7.0.1
TIBCO Spotfire Server versions 7.5.0 through 7.5.0
TIBCO Spotfire Server versions 7.6.0 through 7.6.0
TIBCO Spotfire Server versions 7.7.0 through 7.7.0
TIBCO Spotfire Server versions 7.8.0 through 7.8.0
Spotfire Analytics Platform for AWS Marketplace version 7.8.0
Description
The issue allows authorized users to perform SQL injection attacks.
Recommendations
For TIBCO Spotfire Server versions 7.0.0 through 7.0.1, update to version 7.0.2 or later.
For TIBCO Spotfire Server versions 7.5.0 through 7.5.0, update to version 7.5.1 or later.
For TIBCO Spotfire Server versions 7.6.0 through 7.6.0, update to version 7.6.1 or later.
For TIBCO Spotfire Server versions 7.7.0 through 7.7.0, update to version 7.7.1 or later.
For TIBCO Spotfire Server versions 7.8.0 through 7.8.0, update to version 7.8.1 or later.
For Spotfire Analytics Platform for AWS Marketplace version 7.8.0, update to a version later than 7.8.0.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Tibco Spotfire Analytics Platform For Aws Marketplace
Tibco Spotfire Server