PT-2012-2795 · Tibco · Tibco Automation Services+4
Published
2012-03-13
·
Updated
2012-03-13
·
CVE-2012-0690
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TIBCO Spotfire Analytics Server versions prior to 10.1.2
TIBCO Spotfire Server versions prior to 3.3.3
TIBCO Spotfire Web Player, Automation Services, and Professional versions prior to 4.0.2
Description
The issue allows remote attackers to obtain sensitive information via a crafted URL.
Recommendations
For TIBCO Spotfire Analytics Server versions prior to 10.1.2, update to version 10.1.2 or later.
For TIBCO Spotfire Server versions prior to 3.3.3, update to version 3.3.3 or later.
For TIBCO Spotfire Web Player, Automation Services, and Professional versions prior to 4.0.2, update to version 4.0.2 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tibco Automation Services
Tibco Spotfire Analytics Server
Tibco Spotfire Professional
Tibco Spotfire Server
Tibco Spotfire Web Player