Vulnerability Description
The Spotfire web server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains multiple vulnerabilities that may allow persistent and reflected cross-site scripting attacks. Affected releases are TIBCO Software Inc. TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 10.0.0, and TIBCO Spotfire Server: versions up to and including 7.10.1; 7.11.0; 7.11.1; 7.12.0; 7.13.0; 7.14.0; 10.0.0.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Spotfire Analytics Platform For Aws | <= 10.0.0 |
| Tibco | Spotfire Server | <= 7.10.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106635Third Party AdvisoryVDB Entry
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2019/01/tibco-security-advisory-januaryVendor Advisory
- http://www.securityfocus.com/bid/106635Third Party AdvisoryVDB Entry
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2019/01/tibco-security-advisory-januaryVendor Advisory
FAQ
What is CVE-2018-18813?
CVE-2018-18813 is a vulnerability with a CVSS score of 8.8 (HIGH). The Spotfire web server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains multiple vulnerabilities that may allow persistent ...
How severe is CVE-2018-18813?
CVE-2018-18813 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18813?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Spotfire Analytics Platform For Aws, Tibco Spotfire Server.