Information disclosure in Tibco Spotfire_analytics_platform_for_aws
CVE-2018-5436
The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and d…
Vulnerability class: Information Disclosure
EPSS: 0.010 (58.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Tibco Spotfire_analytics_platform_for_aws
- Tibco Spotfire_server — versions 7.9.0, 7.10.0, 7.11.0
- Tibco Software Inc. Spotfire Analytics Platform For Aws Marketplace — versions unspecified
- Tibco Software Inc. Spotfire Server — versions unspecified, 7.9.0, 7.10.0
Weakness classification (CWE)
References
- security@tibco.com (x_refsource_CONFIRM, Vendor Advisory)
- security@tibco.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2018-5436?
- CVE-2018-5436 is a medium-severity vulnerability in Tibco Spotfire_analytics_platform_for_aws, classified under Information Disclosure. CVSS score: 6.5/10. Published 2018-06-27.
- How severe is CVE-2018-5436?
- Medium severity. CVSS v3 base score is 6.5 out of 10.