CVE-2013-2371
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request.
La API Web en el Statistics Server en TIBCO Spotfire Statistics Services v3.3.x anterior a v3.3.1, v4.5.x anterior a v4.5.1, y v5.0.x anterior a v5.0.1 permite a atacantes remotos obtener informaciĆ³n sensible mediante una solicitud HTTP.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-03-04 CVE Reserved
- 2013-03-15 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (3)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tibco Search vendor "Tibco" | Spotfire Statistics Services Search vendor "Tibco" for product "Spotfire Statistics Services" | 3.3 Search vendor "Tibco" for product "Spotfire Statistics Services" and version "3.3" | - |
Affected
| ||||||
| Tibco Search vendor "Tibco" | Spotfire Statistics Services Search vendor "Tibco" for product "Spotfire Statistics Services" | 4.5.0 Search vendor "Tibco" for product "Spotfire Statistics Services" and version "4.5.0" | - |
Affected
| ||||||
| Tibco Search vendor "Tibco" | Spotfire Statistics Services Search vendor "Tibco" for product "Spotfire Statistics Services" | 5.0.0 Search vendor "Tibco" for product "Spotfire Statistics Services" and version "5.0.0" | - |
Affected
| ||||||