CVE-2013-2371

Published: Mar 15, 2013Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request.

Affected (3)

Products: Tibco: Spotfire Statistics Services

Tibco

1 product

Spotfire Statistics Services

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Statistics Services	Version 3.3

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Statistics Services	Version 4.5.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Statistics Services	Version 5.0.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.tibco.com/mk/advisory.jsp

Source: cve@mitre.org

Vendor Advisory

http://www.tibco.com/multimedia/spotfire-statistics-services-advisory-2013-03-12_tcm8-18479.txt

Source: cve@mitre.org

Vendor Advisory

http://www.tibco.com/services/support/advisories/spotfire-advisory_20130313.jsp

Source: cve@mitre.org

Vendor Advisory

http://www.tibco.com/mk/advisory.jsp

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.tibco.com/multimedia/spotfire-statistics-services-advisory-2013-03-12_tcm8-18479.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.tibco.com/services/support/advisories/spotfire-advisory_20130313.jsp

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.