CVE-2019-8989

Summary

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Data Science for AWS: versions up to and including 6.4.0, and TIBCO Spotfire Data Science: versions up to and including 6.4.0.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO Data Science for AWSunspecified <= 6.4.0affected
TIBCO Software Inc.TIBCO Spotfire Data Scienceunspecified <= 6.4.0affected

Weaknesses

  • The impact of this vulnerability includes the theoretical possibility that a user of the system could temporarily fool another user of the system into believing they were someone else.

ADP Enrichment

CVE Program Container

Additional References

References