Vulnerability Description
The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability that might theoretically fail to restrict users with read-only access from modifying files stored in the Spotfire Library, only when the Spotfire Library is configured to use external storage. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.0.0, and TIBCO Spotfire Server versions up to and including 7.10.1; 7.11.0; 7.11.1; 7.12.0; 7.13.0; 7.14.0; 10.0.0.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Spotfire Analytics Platform For Aws | <= 10.0.0 |
| Tibco | Spotfire Server | <= 7.10.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106635Third Party AdvisoryVDB Entry
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2019/01/tibco-security-advisory-januaryVendor Advisory
- http://www.securityfocus.com/bid/106635Third Party AdvisoryVDB Entry
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2019/01/tibco-security-advisory-januaryVendor Advisory
FAQ
What is CVE-2018-18812?
CVE-2018-18812 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability that might theoretically fail to restr...
How severe is CVE-2018-18812?
CVE-2018-18812 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18812?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Spotfire Analytics Platform For Aws, Tibco Spotfire Server.