CVE-2019-11205— TIBCO Spotfire Server Exposes Multiple Reflected Cross-Site Scripting Vulnerabilities
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-11205
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TIBCO Spotfire Server Exposes Multiple Reflected Cross-Site Scripting Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
The web server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains vulnerabilities that theoretically allow reflected cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: 7.14.0; 7.14.1; 10.0.0; 10.0.1; 10.1.0; 10.2.0, and TIBCO Spotfire Server: 7.14.0; 10.0.0; 10.0.1; 10.1.0; 10.2.0.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
TIBCO Software TIBCO Spotfire Analytics Platform for AWS Marketplace和TIBCO Spotfire Server web server组件跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TIBCO Software TIBCO Spotfire Analytics Platform for AWS Marketplace和TIBCO Spotfire Server都是美国TIBCO Software公司的产品。TIBCO Spotfire Analytics Platform for AWS Marketplace是一套为云应用商店AWS提供数据可视化分析的平台。TIBCO Spotfire Server是一套基于TIBCO Spotfire(数据分析和挖掘工具)的为企业提供整合、运行和
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| TIBCO Software Inc. | TIBCO Spotfire Analytics Platform for AWS Marketplace | 7.14.0 | - | |
| TIBCO Software Inc. | TIBCO Spotfire Server | 7.14.0 | - |
II. Public POCs for CVE-2019-11205
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-11205
请登录查看更多情报信息。
- http://www.tibco.com/services/support/advisoriesx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2019-11205
Same Patch Batch · TIBCO Software Inc. · 2019-05-14 · 3 CVEs total
| CVE-2019-11204 | TIBCO Spotfire Statistics Services Exposes Sensitive Files | |
| CVE-2019-11206 | TIBCO Spotfire Server Vulnerabilities With Integrity of Comments and Bookmarks |
IV. Related Vulnerabilities
Same product: TIBCO Spotfire Analytics Platform for AWS Marketplace
- CVE-2022-30579
TIBCO Spotfire Server Blind SSRF vulnerability - CVE-2020-9408
TIBCO Spotfire Server Script Trust Problem Exposes Remote Co - CVE-2019-17337
TIBCO Spotfire Server Library Vulnerable to Reflected Cross- - CVE-2019-17336
TIBCO Spotfire Web Player Potentially Exposes Credentials Fo - CVE-2019-17335
TIBCO Spotfire Server Exposes User-Specific Cached Data To O
Same vendor: TIBCO Software Inc.
- CVE-2024-1137
TIBCO ActiveSpaces Information Leak Vulnerability - CVE-2024-1138
TIBCO FTL Privilege Escalation - CVE-2023-26222
TIBCO EBX Cross-site Scripting (XXS) Vulnerability - CVE-2023-26221
TIBCO Spotfire Insufficiently Protected Credential vulnerabi - CVE-2023-26219
TIBCO Operational Intelligence Hawk RedTail Credential Expos
V. Comments for CVE-2019-11205
No comments yet