PT-2019-12183 · Tibco Software · Tibco Spotfire Server+1
Publicado
2019-05-14
·
Atualizado
2019-05-20
·
CVE-2019-11205
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TIBCO Spotfire Analytics Platform for AWS Marketplace versions 7.14.0 through 7.14.1 and 10.0.0 through 10.2.0
TIBCO Spotfire Server versions 7.14.0 and 10.0.0 through 10.2.0
Description
The web server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains vulnerabilities that theoretically allow reflected cross-site scripting (XSS) attacks.
Recommendations
For TIBCO Spotfire Analytics Platform for AWS Marketplace versions 7.14.0 through 7.14.1, update to a version outside of this range.
For TIBCO Spotfire Analytics Platform for AWS Marketplace versions 10.0.0 through 10.2.0, update to a version outside of this range.
For TIBCO Spotfire Server version 7.14.0, update to a version outside of this range.
For TIBCO Spotfire Server versions 10.0.0 through 10.2.0, update to a version outside of this range.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Tibco Spotfire Analytics Platform For Aws Marketplace
Tibco Spotfire Server