PT-2022-20183 · Tibco Software · Tibco Statistica - Estore Edition+3
Published
2022-08-16
·
Updated
2022-08-17
·
CVE-2022-30575
CVSS v3.1
7.3
High
| Vector | AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
TIBCO Data Science - Workbench versions 14.0.0 and below
TIBCO Statistica versions 14.0.0 and below
TIBCO Statistica - Estore Edition versions 14.0.0 and below
TIBCO Statistica Trial versions 14.0.0 and below
Description
The Web Console component of TIBCO Software Inc.'s products contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities. These vulnerabilities allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system.
Recommendations
For TIBCO Data Science - Workbench versions 14.0.0 and below, update to a version above 14.0.0 to mitigate the risk.
For TIBCO Statistica versions 14.0.0 and below, update to a version above 14.0.0 to mitigate the risk.
For TIBCO Statistica - Estore Edition versions 14.0.0 and below, update to a version above 14.0.0 to mitigate the risk.
For TIBCO Statistica Trial versions 14.0.0 and below, update to a version above 14.0.0 to mitigate the risk.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tibco Data Science - Workbench
Tibco Statistica
Tibco Statistica - Estore Edition
Tibco Statistica Trial