← Back

CVE-2012-0690

nvd nist
Published: Mar 13, 2012Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

TIBCO Spotfire Web Application, Web Player Application, Automation Services Application, and Analytics Client Application in Spotfire Analytics Server before 10.1.2; Server before 3.3.3; and Web Player, Automation Services, and Professional before 4.0.2 allow remote attackers to obtain sensitive information via a crafted URL.

Affected (10)

Tibco
4 products
Spotfire Analytics Server
Spotfire Server
Web Player Automation Services
Spotfire Professional
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Tibco
Spotfire Analytics Server
Version 10.0.0
Spotfire Analytics Server
Version 10.0.1
Tibco
Spotfire Server
Version 3.0.0
Spotfire Server
Version 3.0.1
Spotfire Server
Version 3.1.0
Spotfire Server
Version 3.1.1
Spotfire Server
Version 3.2.0
Spotfire Server
Version 3.3.0
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Web Player Automation Services
All versions
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Spotfire Professional
Up to 4.0.1

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.