CVE-2018-5436— TIBCO Spotfire Server information disclosure vulnerabilities
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-5436
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TIBCO Spotfire Server information disclosure vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Server: versions up to and including 7.8.1; 7.9.0; 7.10.0; 7.11.0; 7.12.0.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
TIBCO Spotfire Server和TIBCO Spotfire Analytics Platform for AWS Marketplace Spotfire服务器组件安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TIBCO Spotfire Analytics Platform for AWS Marketplace和Spotfire Server都是美国TIBCO软件公司的产品。TIBCO Spotfire Analytics Platform for AWS Marketplace是一套为云应用商店AWS提供数据可视化分析的平台。Spotfire Server是一套基于TIBCO Spotfire(数据分析和挖掘工具)的为企业提供整合、运行和管理的平台。Spotfire server component是其中
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| TIBCO Software Inc. | TIBCO Spotfire Analytics Platform for AWS Marketplace | unspecified ~ 7.12.0 | - | |
| TIBCO Software Inc. | TIBCO Spotfire Server | unspecified ~ 7.8.1 | - |
II. Public POCs for CVE-2018-5436
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-5436
请登录查看更多情报信息。
- http://www.tibco.com/services/support/advisoriesx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2018-5436
Same Patch Batch · TIBCO Software Inc. · 2018-06-27 · 3 CVEs total
| CVE-2018-5435 | TIBCO Spotfire Product Family Remote Code Execution Vulnerability | |
| CVE-2018-5437 | TIBCO Spotfire Product Family Information Disclosure Vulnerability |
IV. Related Vulnerabilities
Same product: TIBCO Spotfire Analytics Platform for AWS Marketplace
- CVE-2022-30579
TIBCO Spotfire Server Blind SSRF vulnerability - CVE-2020-9408
TIBCO Spotfire Server Script Trust Problem Exposes Remote Co - CVE-2019-17337
TIBCO Spotfire Server Library Vulnerable to Reflected Cross- - CVE-2019-17336
TIBCO Spotfire Web Player Potentially Exposes Credentials Fo - CVE-2019-17335
TIBCO Spotfire Server Exposes User-Specific Cached Data To O
Same vendor: TIBCO Software Inc.
- CVE-2024-1137
TIBCO ActiveSpaces Information Leak Vulnerability - CVE-2024-1138
TIBCO FTL Privilege Escalation - CVE-2023-26222
TIBCO EBX Cross-site Scripting (XXS) Vulnerability - CVE-2023-26221
TIBCO Spotfire Insufficiently Protected Credential vulnerabi - CVE-2023-26219
TIBCO Operational Intelligence Hawk RedTail Credential Expos
V. Comments for CVE-2018-5436
No comments yet