PT-2019-12182 · Tibco · Tibco Spotfire Statistics Services
Published
2019-05-14
·
Updated
2023-01-30
·
CVE-2019-11204
CVSS v3.1
9.9
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TIBCO Spotfire Statistics Services versions up to and including 7.11.1
TIBCO Spotfire Statistics Services version 10.0.0
Description
The web interface component of TIBCO Spotfire Statistics Services contains an issue that could allow an authenticated user to access sensitive information. This sensitive information includes database, JMX, LDAP, Windows service account, and user credentials.
Recommendations
For TIBCO Spotfire Statistics Services versions up to and including 7.11.1, update to a version later than 7.11.1 to resolve the issue.
For TIBCO Spotfire Statistics Services version 10.0.0, update to a version later than 10.0.0 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tibco Spotfire Statistics Services