PT-2019-9637 · Tibco · Tibco Spotfire Analytics Platform For Aws Marketplace+1
Published
2019-01-16
·
Updated
2019-10-09
·
CVE-2018-18814
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.0.0
TIBCO Spotfire Server versions up to and including 7.14.0
Description
The TIBCO Spotfire authentication component contains a vulnerability in the handling of authentication, which may allow an attacker to gain full access to a target account, independent of configured authentication mechanisms.
Recommendations
For TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.0.0, update to a version later than 10.0.0 to resolve the issue.
For TIBCO Spotfire Server versions up to and including 7.14.0, update to a version later than 7.14.0 to resolve the issue.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tibco Spotfire Analytics Platform For Aws Marketplace
Tibco Spotfire Server