Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-5533

Опубликовано: 15 нояб. 2017
Источник: nvd
CVSS3: 9.3
CVSS3: 9.8
CVSS2: 5
EPSS Низкий

Описание

A vulnerability in the server content cache of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a vulnerability which fails to prevent remote access to all the contents of the web application, including key configuration files. Affected releases are TIBCO JasperReports Server 6.4.0, TIBCO JasperReports Server Community Edition 6.4.0, TIBCO JasperReports Server for ActiveMatrix BPM 6.4.0, TIBCO Jaspersoft for AWS with Multi-Tenancy 6.4.0, TIBCO Jaspersoft Reporting and Analytics for AWS 6.4.0.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:jasperreports_server:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:jasperreports_server:6.4.0:*:*:*:*:activematrix_bpm:*:*
cpe:2.3:a:tibco:jasperreports_server:6.4.0:*:*:*:community:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:tibco:jaspersoft:6.4.0:*:*:*:*:aws_with_multi-tenancy:*:*
cpe:2.3:a:tibco:jaspersoft_reporting_and_analytics:6.4.0:*:*:*:*:aws:*:*

EPSS

Процентиль: 67%
0.00537
Низкий

9.3 Critical

CVSS3

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

ubuntu логотип

CVE-2017-5533

CVSS3: 9.3
ubuntu
почти 8 лет назад

A vulnerability in the server content cache of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a vulnerability which fails to prevent remote access to all the contents of the web application, including key configuration files. Affected releases are TIBCO JasperReports Server 6.4.0, TIBCO JasperReports Server Community Edition 6.4.0, TIBCO JasperReports Server for ActiveMatrix BPM 6.4.0, TIBCO Jaspersoft for AWS with Multi-Tenancy 6.4.0, TIBCO Jaspersoft Reporting and Analytics for AWS 6.4.0.

debian логотип

CVE-2017-5533

CVSS3: 9.3
debian
почти 8 лет назад

A vulnerability in the server content cache of TIBCO JasperReports Ser ...

github логотип

GHSA-27wc-fr9j-8x58

CVSS3: 9.8
github
больше 3 лет назад

A vulnerability in the server content cache of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a vulnerability which fails to prevent remote access to all the contents of the web application, including key configuration files. Affected releases are TIBCO JasperReports Server 6.4.0, TIBCO JasperReports Server Community Edition 6.4.0, TIBCO JasperReports Server for ActiveMatrix BPM 6.4.0, TIBCO Jaspersoft for AWS with Multi-Tenancy 6.4.0, TIBCO Jaspersoft Reporting and Analytics for AWS 6.4.0.

EPSS

Процентиль: 67%
0.00537
Низкий

9.3 Critical

CVSS3

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo