Lucene search

MitreCVE-2011-3134

HistorySep 02, 2011 - 4:55 p.m.

CVE-2011-3134

2011-09-0216:55:06

mitre

web.nvd.nist.gov

vulnerability

tibco spotfire server

spotfire analytics server

remote attackers

data modification

sensitive information

nvd

cve-2011-3134

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

Low

EPSS

0.007

Percentile

79.5%

JSON

Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL.

Affected configurations

Nvd

Node

tibcospotfire_analytics_serverRange≤10.0.1

tibcospotfire_analytics_serverMatch10.0.0

tibcospotfire_serverMatch3.0.0

tibcospotfire_serverMatch3.0.1

tibcospotfire_serverMatch3.1.0

tibcospotfire_serverMatch3.1.1

tibcospotfire_serverMatch3.2.0

tibcospotfire_serverMatch3.3.0

VendorProductVersionCPE
tibcospotfire_analytics_server*cpe:2.3:a:tibco:spotfire_analytics_server:*:*:*:*:*:*:*:*
tibcospotfire_analytics_server10.0.0cpe:2.3:a:tibco:spotfire_analytics_server:10.0.0:*:*:*:*:*:*:*
tibcospotfire_server3.0.0cpe:2.3:a:tibco:spotfire_server:3.0.0:*:*:*:*:*:*:*
tibcospotfire_server3.0.1cpe:2.3:a:tibco:spotfire_server:3.0.1:*:*:*:*:*:*:*
tibcospotfire_server3.1.0cpe:2.3:a:tibco:spotfire_server:3.1.0:*:*:*:*:*:*:*
tibcospotfire_server3.1.1cpe:2.3:a:tibco:spotfire_server:3.1.1:*:*:*:*:*:*:*
tibcospotfire_server3.2.0cpe:2.3:a:tibco:spotfire_server:3.2.0:*:*:*:*:*:*:*
tibcospotfire_server3.3.0cpe:2.3:a:tibco:spotfire_server:3.3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tibco	spotfire_analytics_server	*	cpe:2.3:a:tibco:spotfire_analytics_server::::::::
tibco	spotfire_analytics_server	10.0.0	cpe:2.3:a:tibco:spotfire_analytics_server:10.0.0:::::::*
tibco	spotfire_server	3.0.0	cpe:2.3:a:tibco:spotfire_server:3.0.0:::::::*
tibco	spotfire_server	3.0.1	cpe:2.3:a:tibco:spotfire_server:3.0.1:::::::*
tibco	spotfire_server	3.1.0	cpe:2.3:a:tibco:spotfire_server:3.1.0:::::::*
tibco	spotfire_server	3.1.1	cpe:2.3:a:tibco:spotfire_server:3.1.1:::::::*
tibco	spotfire_server	3.2.0	cpe:2.3:a:tibco:spotfire_server:3.2.0:::::::*
tibco	spotfire_server	3.3.0	cpe:2.3:a:tibco:spotfire_server:3.3.0:::::::*

References

secunia.com/advisories/45864

www.securitytracker.com/id?1025999

www.tibco.com/multimedia/spotfire_advisory_20110831_tcm8-14230.txt

www.tibco.com/services/support/advisories/default.jsp

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

Low

EPSS

0.007

Percentile

79.5%

JSON

Related for CVE-2011-3134