Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-5435— TIBCO Spotfire Product Family Remote Code Execution Vulnerability

EPSS 1.40% · P81
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-5435

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
TIBCO Spotfire Product Family Remote Code Execution Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for remote code execution. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款TIBCO产品中的TIBCO Spotfire Client和TIBCO Spotfire Web Player Client组件安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TIBCO Spotfire Analyst等都是美国TIBCO软件公司的产品。Spotfire Analyst是一套数据分析和挖掘平台;Spotfire Desktop是一套专为探索数据设计的分析软件。Spotfire Client是其中的一个客户端组件;Spotfire Web Player Client是其中的一个基于Web的客户端组件。 多款TIBCO产品中的TIBCO Spotfire Client和TIBCO Spotfire Web Player Client组件存在安全漏洞。远程攻击者可利
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
TIBCO Software Inc.TIBCO Spotfire Analyst unspecified ~ 7.8.0 -
TIBCO Software Inc.TIBCO Spotfire Analytics Platform for AWS Marketplace unspecified ~ 7.12.0 -
TIBCO Software Inc.TIBCO Spotfire Deployment Kit unspecified ~ 7.8.0 -
TIBCO Software Inc.TIBCO Spotfire Desktop unspecified ~ 7.8.0 -
TIBCO Software Inc.TIBCO Spotfire Desktop Language Packs unspecified ~ 7.8.0 -

II. Public POCs for CVE-2018-5435

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-5435

登录查看更多情报信息。

Same Patch Batch · TIBCO Software Inc. · 2018-06-27 · 3 CVEs total

CVE-2018-5436TIBCO Spotfire Server information disclosure vulnerabilities
CVE-2018-5437TIBCO Spotfire Product Family Information Disclosure Vulnerability

IV. Related Vulnerabilities

Same product: TIBCO Spotfire Analyst
Same vendor: TIBCO Software Inc.

V. Comments for CVE-2018-5435

No comments yet

Leave a comment