CVE-2018-5437

{"id": "CVE-2018-5437", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security@tibco.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 2.3}]}, "published": "2018-06-27T16:29:00.443", "references": [{"url": "http://www.tibco.com/services/support/advisories", "tags": ["Vendor Advisory"], "source": "security@tibco.com"}, {"url": "https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-26-2018-tibco-spotfire-2018-5437", "tags": ["Vendor Advisory"], "source": "security@tibco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0."}, {"lang": "es", "value": "Los componentes TIBCO Spotfire Client y TIBCO Spotfire Web Player Client de TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop y TIBCO Spotfire Desktop Language Packs de TIBCO Software Inc. contienen m\u00faltiples vulnerabilidades que podr\u00edan permitir la divulgaci\u00f3n no autorizada de informaci\u00f3n. Las versiones afectadas son TIBCO Spotfire Analyst hasta las versiones (inclusives) 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0 y 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace hasta las versi\u00f3n (inclusive) 7.12.0, TIBCO Spotfire Deployment Kit hasta las versiones (inclusives) 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0 y 7.12.0, TIBCO Spotfire Desktop hasta las versiones (inclusives) 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0 y 7.12.0 y TIBCO Spotfire Desktop Language Pack hasta las versiones (inclusives) 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1 y 7.11.0 de TIBCO Software Inc."}], "lastModified": "2019-10-09T23:41:21.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_analyst:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10715379-262A-4BF6-81C1-E83EDFD0997D", "versionEndIncluding": "7.8.0"}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F156A08E-4322-4709-AB55-729DD88750C8"}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1D9BA58-24CC-49B0-9AAC-B5282739148F"}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A523064-C669-4E54-8144-028E67B9E101"}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE7860A0-9D92-4A36-82EE-652D259C82CD"}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "807C6E14-4BA0-451D-BD58-60EA49693B19"}, {"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9421F962-9DF2-47FC-A0D7-C90E6E2D0792"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07EB5484-D457-4782-B573-874F81C5706B", "versionEndIncluding": "7.12.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9339756F-D9E7-4C81-902B-A89508751623", "versionEndIncluding": "7.8.0"}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "707FD8E7-1D94-487A-9969-C2A24EB0B0CF"}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1202BCD2-88B8-4C01-B847-0B62395C9E73"}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD8CE0D2-2BD8-43D6-AEC6-0FF8A0172D2C"}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B4E3F39-B72D-4E61-B7A8-B0A9058615B8"}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7AA90E0-E644-4D57-94F8-D3CE47259286"}, {"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B8CBAA0-9B0D-4C16-A9AD-4DD94D70E979"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_desktop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB2A8693-7280-438B-A8C4-CA8FCB81BEEB", "versionEndIncluding": "7.8.0"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "242536E9-B5D5-4C28-AC6C-367E596B042E"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "151FA030-E1DC-4557-A796-0F700D0FE322"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "941B4BFF-B9C0-49E8-9799-EA3C607DC2EB"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4FACDF7-464C-45D7-9C52-C773DDFEB695"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFD0D0AA-B286-4494-B55C-C46B9C7DA373"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "031D605C-66FE-40BC-B73C-D122944DBF08"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C93DB13-7E0B-4260-875F-8EC71BA10E4B", "versionEndIncluding": "7.8.0"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F6DB39B-3E4D-4BFB-8232-72EA87C7D156"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CC33387-D15B-4C9A-86E1-2E0A0B490B6E"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21E52981-102A-4F56-BBE1-328FF63CD05F"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CD9867D-EEF9-4228-9B2A-06449813DD1A"}, {"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B43A6213-F9B4-4CBC-A34D-A67648DE0F54"}], "operator": "OR"}]}], "sourceIdentifier": "security@tibco.com"}