PT-2019-9637 · Tibco · Tibco Spotfire Analytics Platform For Aws Marketplace+1

Publicado

2019-01-16

Atualizado

2019-10-09

CVE-2018-18814

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.0.0 TIBCO Spotfire Server versions up to and including 7.14.0

Description The TIBCO Spotfire authentication component contains a vulnerability in the handling of authentication, which may allow an attacker to gain full access to a target account, independent of configured authentication mechanisms.

Recommendations For TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.0.0, update to a version later than 10.0.0 to resolve the issue. For TIBCO Spotfire Server versions up to and including 7.14.0, update to a version later than 7.14.0 to resolve the issue.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2018-18814

Produtos afetados

Tibco Spotfire Analytics Platform For Aws Marketplace

Tibco Spotfire Server

PT-2019-9637 · Tibco · Tibco Spotfire Analytics Platform For Aws Marketplace+1

CVE-2018-18814

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5