PT-2019-12183 · Tibco Software · Tibco Spotfire Server+1
Published
2019-05-14
·
Updated
2019-05-20
·
CVE-2019-11205
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TIBCO Spotfire Analytics Platform for AWS Marketplace versions 7.14.0 through 7.14.1 and 10.0.0 through 10.2.0
TIBCO Spotfire Server versions 7.14.0 and 10.0.0 through 10.2.0
Description
The web server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains vulnerabilities that theoretically allow reflected cross-site scripting (XSS) attacks.
Recommendations
For TIBCO Spotfire Analytics Platform for AWS Marketplace versions 7.14.0 through 7.14.1, update to a version outside of this range.
For TIBCO Spotfire Analytics Platform for AWS Marketplace versions 10.0.0 through 10.2.0, update to a version outside of this range.
For TIBCO Spotfire Server version 7.14.0, update to a version outside of this range.
For TIBCO Spotfire Server versions 10.0.0 through 10.2.0, update to a version outside of this range.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tibco Spotfire Analytics Platform For Aws Marketplace
Tibco Spotfire Server