CVE-2023-29268
published 2023-04-26CVE-2023-29268: The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that allows an unauthenticated remote attacker…
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.03%
59.4th percentile
The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that allows an unauthenticated remote attacker to upload or modify arbitrary files within the web server directory on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Statistics Services: versions 11.4.10 and below, versions 11.5.0, 11.6.0, 11.6.1, 11.6.2, 11.7.0, 11.8.0, 11.8.1, 12.0.0, 12.0.1, and 12.0.2, versions 12.1.0 and 12.2.0.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tibco | spotfire_statistics_services | < 11.4.11 | 11.4.11 |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco | spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | <= 11.4.10 | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
| tibco_software_inc | tibco_spotfire_statistics_services | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-04-26
Published