CVE-2019-11210
TIBCO Enterprise Runtime for R Server Exposes Remote Code Execution
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an unauthenticated user to bypass access controls and remotely execute code using the operating system account hosting the affected component. This issue affects: TIBCO Enterprise Runtime for R - Server Edition versions 1.2.0 and below, and TIBCO Spotfire Analytics Platform for AWS Marketplace versions 10.4.0 and 10.5.0.
TIBCO Enterprise Runtime para R - Server Edition, y TIBCO Spotfire Analytics Platform para AWS Marketplace del componente servidor de TIBCO Software Inc., contiene una vulnerabilidad que teóricamente permite a un usuario no autenticado omitir los controles de acceso y ejecutar código remotamente usando el alojamiento de una cuenta de sistema operativo en el componente afectado. Este problema afecta: TIBCO Enterprise Runtime para R - Server Edition versiones 1.2.0 y posteriores, y TIBCO Spotfire Analytics Platform para AWS Marketplace versiones 10.4.0 y 10.5.0.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-04-12 CVE Reserved
- 2019-09-18 CVE Published
- 2023-12-14 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Tibco Search vendor "Tibco" | Enterprise Runtime For R Search vendor "Tibco" for product "Enterprise Runtime For R" | <= 1.2.0 Search vendor "Tibco" for product "Enterprise Runtime For R" and version " <= 1.2.0" | server |
Affected
| ||||||
Tibco Search vendor "Tibco" | Spotfire Analytics Platform For Aws Search vendor "Tibco" for product "Spotfire Analytics Platform For Aws" | 10.4.0 Search vendor "Tibco" for product "Spotfire Analytics Platform For Aws" and version "10.4.0" | - |
Affected
| ||||||
Tibco Search vendor "Tibco" | Spotfire Analytics Platform For Aws Search vendor "Tibco" for product "Spotfire Analytics Platform For Aws" | 10.5.0 Search vendor "Tibco" for product "Spotfire Analytics Platform For Aws" and version "10.5.0" | - |
Affected
|