CVE-2019-11210

Name of the Vulnerable Software and Affected Versions TIBCO Enterprise Runtime for R - Server Edition versions 1.2.0 and below TIBCO Spotfire Analytics Platform for AWS Marketplace versions 10.4.0 and 10.5.0

Description The issue allows an unauthenticated user to bypass access controls and remotely execute code using the operating system account hosting the affected component.

Recommendations For TIBCO Enterprise Runtime for R - Server Edition versions 1.2.0 and below, update to a version above 1.2.0 to resolve the issue. For TIBCO Spotfire Analytics Platform for AWS Marketplace versions 10.4.0 and 10.5.0, consider restricting access to the server component until a patch is available.