CVE-2018-5437Sensitive Information Exposure in Software INC Tibco Spotfire Analyst

3 documents3 sources
Severity
8.8HIGHNVD
CNA6.8
EPSS
0.3%
top 45.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Tibco Software INC Tibco Spotfire AnalystTibco Software INC Tibco Spotfire Analytics Platform FOR AWS MarketplaceTibco Software INC Tibco Spotfire Deployment KIT+7 more
Timeline
PublishedJun 27
Latest updateMay 13

Description

The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages10 packages

CVEListV5tibco_software_inc/tibco_spotfire_desktopunspecified7.8.0+6

🔴Vulnerability Details

2
GHSA
GHSA-5qv7-rfm2-p257: The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc2022-05-13
CVEList
TIBCO Spotfire Product Family Information Disclosure Vulnerability2018-06-27
CVE-2018-5437 — Sensitive Information Exposure | cvebase