CVE-2018-12410

Published: Oct 10, 2018Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The web server component of TIBCO Software Inc's Spotfire Statistics Services contains multiple vulnerabilities that may allow the remote execution of code. Without needing to authenticate, an attacker may be able to remotely execute code with the permissions of the system account used to run the web server component. Affected releases are TIBCO Software Inc. TIBCO Spotfire Statistics Services versions up to and including 7.11.0.

Affected (1)

Products: Tibco: Spotfire Statistics Services

1 product

Spotfire Statistics Services

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Statistics Services	Up to 7.11.0

References (4)

http://www.securityfocus.com/bid/105558

Source: security@tibco.com

Third Party AdvisoryVDB Entry

https://www.tibco.com/support/advisories/2018/10/tibco-security-advisory-october-10-2018-tibco-spotfire-statistics

Source: security@tibco.com

Third Party Advisory

http://www.securityfocus.com/bid/105558

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.tibco.com/support/advisories/2018/10/tibco-security-advisory-october-10-2018-tibco-spotfire-statistics

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.