Vulnerability Description
The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Server: versions up to and including 7.8.1; 7.9.0; 7.10.0; 7.11.0; 7.12.0.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Spotfire Analytics Platform For Aws | <= 7.12.0 |
| Tibco | Spotfire Server | <= 7.8.1 |
Related Weaknesses (CWE)
References
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-26Vendor Advisory
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2018/06/tibco-security-advisory-june-26Vendor Advisory
FAQ
What is CVE-2018-5436?
CVE-2018-5436 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosu...
How severe is CVE-2018-5436?
CVE-2018-5436 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5436?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Spotfire Analytics Platform For Aws, Tibco Spotfire Server.