CVE-2017-5527
4.3
CVSS:3.0/A:N/AC:L/AV:N/C:L/I:N/PR:L/S:U/UI:N
Summary
TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x before 7.6.1, 7.7.x before 7.7.1, and 7.8.x before 7.8.1 and Spotfire Analytics Platform for AWS Marketplace 7.8.0 and earlier contain multiple vulnerabilities which may allow authorized users to perform SQL injection attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| TIBCO Software Inc. | TIBCO Spotfire Server | 7.0.0 | affected |
| TIBCO Software Inc. | TIBCO Spotfire Server | 7.0.1 | affected |
| TIBCO Software Inc. | TIBCO Spotfire Server | 7.5.0 | affected |
| TIBCO Software Inc. | TIBCO Spotfire Server | 7.6.0 | affected |
| TIBCO Software Inc. | TIBCO Spotfire Server | 7.7.0 | affected |
| TIBCO Software Inc. | TIBCO Spotfire Server | 7.8.0 | affected |
| TIBCO Software Inc. | TIBCO Spotfire Analytics Platform for AWS Marketplace | 7.8.0 | affected |
Weaknesses
- SQL injection attack
ADP Enrichment
CVE Program Container
Additional References
- http://www.tibco.com/support/advisories/2017/05/tibco-security-advisory-may-9-2017-tibco-spotfire-server
- http://www.securityfocus.com/bid/98398
References
- http://www.tibco.com/support/advisories/2017/05/tibco-security-advisory-may-9-2017-tibco-spotfire-server
- http://www.securityfocus.com/bid/98398
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.