CVE-2019-8989

Опубликовано: 26 мар. 2019

Источник: nvd

CVSS3: 5

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Data Science for AWS: versions up to and including 6.4.0, and TIBCO Spotfire Data Science: versions up to and including 6.4.0.

Ссылки

http://www.securityfocus.com/bid/107608
Third Party Advisory
VDB Entry
http://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-26-2019-tibco-spotfire-data-science-2019-8989
Vendor Advisory
http://www.securityfocus.com/bid/107608
Third Party Advisory
VDB Entry
http://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-26-2019-tibco-spotfire-data-science-2019-8989
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:data_science_for_aws:*:*:*:*:*:*:*:*

Версия до 6.4.0 (включая)

cpe:2.3:a:tibco:spotfire_data_science:*:*:*:*:*:*:*:*

Версия до 6.4.0 (включая)

EPSS

Процентиль: 42%

0.002

Низкий

5 Medium

CVSS3

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-xq29-5vxx-327w

CVSS3: 4.3

github

больше 3 лет назад

EPSS

Процентиль: 42%

0.002

Низкий

5 Medium

CVSS3

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo