CVE-2019-11204
TIBCO Spotfire Statistics Services Exposes Sensitive Files
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The web interface component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that might theoretically allow an authenticated user to access sensitive information needed by the Spotfire Statistics Services server. The sensitive information that might be affected includes database, JMX, LDAP, Windows service account, and user credentials. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Statistics Services: versions up to and including 7.11.1; 10.0.0.
El componente de interfaz web de TIBCO Spotfire Statistics Services de TIBCO Software Inc, contiene una vulnerabilidad que podría, en teoría, permitir que un usuario autenticado acceda a la información confidencial que necesita el servidor Spotfire Statistics Services. La información confidencial que podría verse imapactada comprende base de datos, JMX, LDAP, cuenta de servicio de Windows y credenciales de usuario. Las versiones afectadas son TIBCO Software Inc.'s TIBCO Spotfire Statistics Services: versiones hasta 7.11.1 y 10.0.0. incluyéndolas.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-04-12 CVE Reserved
- 2019-05-14 CVE Published
- 2024-05-07 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Tibco Search vendor "Tibco" | Spotfire Statistics Services Search vendor "Tibco" for product "Spotfire Statistics Services" | <= 7.11.1 Search vendor "Tibco" for product "Spotfire Statistics Services" and version " <= 7.11.1" | - |
Affected
| ||||||
Tibco Search vendor "Tibco" | Spotfire Statistics Services Search vendor "Tibco" for product "Spotfire Statistics Services" | 10.0.0 Search vendor "Tibco" for product "Spotfire Statistics Services" and version "10.0.0" | - |
Affected
|