{"containers": {"cna": {"affected": [{"product": "TIBCO Spotfire Analyst", "vendor": "TIBCO Software Inc.", "versions": [{"lessThanOrEqual": "7.8.0", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "7.9.0"}, {"status": "affected", "version": "7.9.1"}, {"status": "affected", "version": "7.10.0"}, {"status": "affected", "version": "7.10.1"}, {"status": "affected", "version": "7.11.0"}, {"status": "affected", "version": "7.12.0"}]}, {"product": "TIBCO Spotfire Analytics Platform for AWS Marketplace", "vendor": "TIBCO Software Inc.", "versions": [{"lessThanOrEqual": "7.12.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "TIBCO Spotfire Deployment Kit", "vendor": "TIBCO Software Inc.", "versions": [{"lessThanOrEqual": "7.8.0", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "7.9.0"}, {"status": "affected", "version": "7.9.1"}, {"status": "affected", "version": "7.10.0"}, {"status": "affected", "version": "7.10.1"}, {"status": "affected", "version": "7.11.0"}, {"status": "affected", "version": "7.12.0"}]}, {"product": "TIBCO Spotfire Desktop", "vendor": "TIBCO Software Inc.", "versions": [{"lessThanOrEqual": "7.8.0", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "7.9.0"}, {"status": "affected", "version": "7.9.1"}, {"status": "affected", "version": "7.10.0"}, {"status": "affected", "version": "7.10.1"}, {"status": "affected", "version": "7.11.0"}, {"status": "affected", "version": "7.12.0"}]}, {"product": "TIBCO Spotfire Desktop Language Packs", "vendor": "TIBCO Software Inc.", "versions": [{"lessThanOrEqual": "7.8.0", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "7.9.0"}, {"status": "affected", "version": "7.9.1"}, {"status": "affected", "version": "7.10.0"}, {"status": "affected", "version": "7.10.1"}, {"status": "affected", "version": "7.11.0"}]}], "datePublic": "2018-06-26T00:00:00", "descriptions": [{"lang": "en", "value": "The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "The impact of this vulnerability includes the theoretical possibly that an authenticated user could gain access to additional confidential information, including credentials to access additional resources.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-29T15:57:01", "orgId": "4f830c72-39e4-45f6-a99f-78cc01ae04db", "shortName": "tibco"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-26-2018-tibco-spotfire-2018-5437"}, {"tags": ["x_refsource_MISC"], "url": "http://www.tibco.com/services/support/advisories"}], "solutions": [{"lang": "en", "value": "TIBCO has released updated versions of the affected components which address these issues. When upgrading to one of the new versions some previously working functionality will be disabled by default and require configuration. Please review the README and other documentation for further information. For each affected system, update to the corresponding software versions:\n\nTIBCO Spotfire Analyst versions 7.8.0 and below update to version 7.8.1 or higher\nTIBCO Spotfire Analyst versions 7.9.0 and 7.9.1 update to version 7.9.2 or higher\nTIBCO Spotfire Analyst versions 7.10.0 and 7.10.1 update to version 7.10.2 or higher\nTIBCO Spotfire Analyst version 7.11.0 update to version 7.11.1\nTIBCO Spotfire Analyst version 7.12.0 update to version 7.13.0\nTIBCO Spotfire Analytics Platform for AWS Marketplace versions 7.12.0 and below update to version 7.13.0 or higher\nTIBCO Spotfire Deployment Kit versions 7.8.0 and below update to version 7.8.1 or higher\nTIBCO Spotfire Deployment Kit versions 7.9.0 and 7.9.1 update to version 7.9.2 or higher\nTIBCO Spotfire Deployment Kit versions 7.10.0 and 7.10.1 update to version 7.10.2 or higher\nTIBCO Spotfire Deployment Kit version 7.11.0 update to version 7.11.1 or higher\nTIBCO Spotfire Deployment Kit version 7.12.0 update to version 7.13.0 or higher\nTIBCO Spotfire Desktop versions 7.8.0 and below update to version 7.8.1 or higher\nTIBCO Spotfire Desktop versions 7.9.0 and 7.9.1 update to version 7.9.2 or higher\nTIBCO Spotfire Desktop versions 7.10.0 and 7.10.1 update to version 7.10.2 or higher\nTIBCO Spotfire Desktop version 7.11.0 update to version 7.11.1 or higher\nTIBCO Spotfire Desktop version 7.12.0 update to version 7.13.0 or higher\nTIBCO Spotfire Desktop Language Packs versions 7.8.0 and below update to version 7.8.1 or higher\nTIBCO Spotfire Desktop Language Packs versions 7.9.0 and 7.9.1 update to version 7.9.2 or higher\nTIBCO Spotfire Desktop Language Packs versions 7.10.0 and 7.10.1 update to version 7.10.2 or higher\nTIBCO Spotfire Desktop Language Packs version 7.11.0 update to version 7.11.1 or higher\n"}], "source": {"discovery": "INTERNAL"}, "title": "TIBCO Spotfire Product Family Information Disclosure Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@tibco.com", "DATE_PUBLIC": "2018-06-26T16:00:00.000Z", "ID": "CVE-2018-5437", "STATE": "PUBLIC", "TITLE": "TIBCO Spotfire Product Family Information Disclosure Vulnerability", "UPDATED": "2018-06-28T18:00:00.000Z"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "TIBCO Spotfire Analyst", "version": {"version_data": [{"affected": "<=", "version_affected": "<=", "version_value": "7.8.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.9.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.9.1"}, {"affected": "=", "version_affected": "=", "version_value": "7.10.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.10.1"}, {"affected": "=", "version_affected": "=", "version_value": "7.11.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.12.0"}]}}, {"product_name": "TIBCO Spotfire Analytics Platform for AWS Marketplace", "version": {"version_data": [{"affected": "<=", "version_affected": "<=", "version_value": "7.12.0"}]}}, {"product_name": "TIBCO Spotfire Deployment Kit", "version": {"version_data": [{"affected": "<=", "version_affected": "<=", "version_value": "7.8.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.9.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.9.1"}, {"affected": "=", "version_affected": "=", "version_value": "7.10.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.10.1"}, {"affected": "=", "version_affected": "=", "version_value": "7.11.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.12.0"}]}}, {"product_name": "TIBCO Spotfire Desktop", "version": {"version_data": [{"affected": "<=", "version_affected": "<=", "version_value": "7.8.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.9.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.9.1"}, {"affected": "=", "version_affected": "=", "version_value": "7.10.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.10.1"}, {"affected": "=", "version_affected": "=", "version_value": "7.11.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.12.0"}]}}, {"product_name": "TIBCO Spotfire Desktop Language Packs", "version": {"version_data": [{"affected": "<=", "version_affected": "<=", "version_value": "7.8.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.9.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.9.1"}, {"affected": "=", "version_affected": "=", "version_value": "7.10.0"}, {"affected": "=", "version_affected": "=", "version_value": "7.10.1"}, {"affected": "=", "version_affected": "=", "version_value": "7.11.0"}]}}]}, "vendor_name": "TIBCO Software Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "The impact of this vulnerability includes the theoretical possibly that an authenticated user could gain access to additional confidential information, including credentials to access additional resources."}]}]}, "references": {"reference_data": [{"name": "https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-26-2018-tibco-spotfire-2018-5437", "refsource": "CONFIRM", "url": "https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-26-2018-tibco-spotfire-2018-5437"}, {"name": "http://www.tibco.com/services/support/advisories", "refsource": "MISC", "url": "http://www.tibco.com/services/support/advisories"}]}, "solution": [{"lang": "en", "value": "TIBCO has released updated versions of the affected components which address these issues. When upgrading to one of the new versions some previously working functionality will be disabled by default and require configuration. Please review the README and other documentation for further information. For each affected system, update to the corresponding software versions:\n\nTIBCO Spotfire Analyst versions 7.8.0 and below update to version 7.8.1 or higher\nTIBCO Spotfire Analyst versions 7.9.0 and 7.9.1 update to version 7.9.2 or higher\nTIBCO Spotfire Analyst versions 7.10.0 and 7.10.1 update to version 7.10.2 or higher\nTIBCO Spotfire Analyst version 7.11.0 update to version 7.11.1\nTIBCO Spotfire Analyst version 7.12.0 update to version 7.13.0\nTIBCO Spotfire Analytics Platform for AWS Marketplace versions 7.12.0 and below update to version 7.13.0 or higher\nTIBCO Spotfire Deployment Kit versions 7.8.0 and below update to version 7.8.1 or higher\nTIBCO Spotfire Deployment Kit versions 7.9.0 and 7.9.1 update to version 7.9.2 or higher\nTIBCO Spotfire Deployment Kit versions 7.10.0 and 7.10.1 update to version 7.10.2 or higher\nTIBCO Spotfire Deployment Kit version 7.11.0 update to version 7.11.1 or higher\nTIBCO Spotfire Deployment Kit version 7.12.0 update to version 7.13.0 or higher\nTIBCO Spotfire Desktop versions 7.8.0 and below update to version 7.8.1 or higher\nTIBCO Spotfire Desktop versions 7.9.0 and 7.9.1 update to version 7.9.2 or higher\nTIBCO Spotfire Desktop versions 7.10.0 and 7.10.1 update to version 7.10.2 or higher\nTIBCO Spotfire Desktop version 7.11.0 update to version 7.11.1 or higher\nTIBCO Spotfire Desktop version 7.12.0 update to version 7.13.0 or higher\nTIBCO Spotfire Desktop Language Packs versions 7.8.0 and below update to version 7.8.1 or higher\nTIBCO Spotfire Desktop Language Packs versions 7.9.0 and 7.9.1 update to version 7.9.2 or higher\nTIBCO Spotfire Desktop Language Packs versions 7.10.0 and 7.10.1 update to version 7.10.2 or higher\nTIBCO Spotfire Desktop Language Packs version 7.11.0 update to version 7.11.1 or higher\n"}], "source": {"discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "4f830c72-39e4-45f6-a99f-78cc01ae04db", "assignerShortName": "tibco", "cveId": "CVE-2018-5437", "datePublished": "2018-06-26T00:00:00", "dateReserved": "2018-01-12T00:00:00", "dateUpdated": "2018-06-29T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_analyst:*:*:*:*:*:*:*:*", "matchCriteriaId": "10715379-262A-4BF6-81C1-E83EDFD0997D", "versionEndIncluding": "7.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F156A08E-4322-4709-AB55-729DD88750C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "A1D9BA58-24CC-49B0-9AAC-B5282739148F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "3A523064-C669-4E54-8144-028E67B9E101", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "EE7860A0-9D92-4A36-82EE-652D259C82CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "807C6E14-4BA0-451D-BD58-60EA49693B19", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "9421F962-9DF2-47FC-A0D7-C90E6E2D0792", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws:*:*:*:*:*:*:*:*", "matchCriteriaId": "07EB5484-D457-4782-B573-874F81C5706B", "versionEndIncluding": "7.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "9339756F-D9E7-4C81-902B-A89508751623", "versionEndIncluding": "7.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "707FD8E7-1D94-487A-9969-C2A24EB0B0CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "1202BCD2-88B8-4C01-B847-0B62395C9E73", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "AD8CE0D2-2BD8-43D6-AEC6-0FF8A0172D2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B4E3F39-B72D-4E61-B7A8-B0A9058615B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "B7AA90E0-E644-4D57-94F8-D3CE47259286", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B8CBAA0-9B0D-4C16-A9AD-4DD94D70E979", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_desktop:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB2A8693-7280-438B-A8C4-CA8FCB81BEEB", "versionEndIncluding": "7.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "242536E9-B5D5-4C28-AC6C-367E596B042E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "151FA030-E1DC-4557-A796-0F700D0FE322", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "941B4BFF-B9C0-49E8-9799-EA3C607DC2EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "F4FACDF7-464C-45D7-9C52-C773DDFEB695", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "AFD0D0AA-B286-4494-B55C-C46B9C7DA373", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "031D605C-66FE-40BC-B73C-D122944DBF08", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C93DB13-7E0B-4260-875F-8EC71BA10E4B", "versionEndIncluding": "7.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "6F6DB39B-3E4D-4BFB-8232-72EA87C7D156", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "2CC33387-D15B-4C9A-86E1-2E0A0B490B6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "21E52981-102A-4F56-BBE1-328FF63CD05F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "1CD9867D-EEF9-4228-9B2A-06449813DD1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "B43A6213-F9B4-4CBC-A34D-A67648DE0F54", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0."}, {"lang": "es", "value": "Los componentes TIBCO Spotfire Client y TIBCO Spotfire Web Player Client de TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop y TIBCO Spotfire Desktop Language Packs de TIBCO Software Inc. contienen m\u00faltiples vulnerabilidades que podr\u00edan permitir la divulgaci\u00f3n no autorizada de informaci\u00f3n. Las versiones afectadas son TIBCO Spotfire Analyst hasta las versiones (inclusives) 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0 y 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace hasta las versi\u00f3n (inclusive) 7.12.0, TIBCO Spotfire Deployment Kit hasta las versiones (inclusives) 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0 y 7.12.0, TIBCO Spotfire Desktop hasta las versiones (inclusives) 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0 y 7.12.0 y TIBCO Spotfire Desktop Language Pack hasta las versiones (inclusives) 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1 y 7.11.0 de TIBCO Software Inc."}], "id": "CVE-2018-5437", "lastModified": "2019-10-09T23:41:21.327", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "security@tibco.com", "type": "Secondary"}]}, "published": "2018-06-27T16:29:00.443", "references": [{"source": "security@tibco.com", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/services/support/advisories"}, {"source": "security@tibco.com", "tags": ["Vendor Advisory"], "url": "https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-26-2018-tibco-spotfire-2018-5437"}], "sourceIdentifier": "security@tibco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}