CVE-2018-5431

🗓️ 17 Apr 2018 18:00:00Reported by tibcoType

CVE-2018-5431 TIBCO JasperReports Server XSS vulnerabilit

Reporter	Title	Published	Views	Family All 10
CNVD	Multiple TIBCO products domain designer component cross-site scripting vulnerability	19 Apr 201800:00	–	cnvd
Cvelist	CVE-2018-5431 TIBCO JasperReports Server Cross Site Scripting Vulnerability	17 Apr 201818:00	–	cvelist
Debian CVE	CVE-2018-5431	17 Apr 201818:00	–	debiancve
EUVD	EUVD-2018-17201	7 Oct 202500:30	–	euvd
NVD	CVE-2018-5431	17 Apr 201818:29	–	nvd
OSV	UBUNTU-CVE-2018-5431	17 Apr 201818:29	–	osv
Prion	Cross site scripting	17 Apr 201818:29	–	prion
RedhatCVE	CVE-2018-5431	14 May 201911:53	–	redhatcve
UbuntuCve	CVE-2018-5431	17 Apr 201818:29	–	ubuntucve
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2018-5431	3 Sep 202500:00	–	nessus

NVD

Node

tibco jasperreports_serverRange≤6.2.4

tibco jasperreports_serverRange≤6.4.2activematrix_bpm

tibco jasperreports_serverRange≤6.4.2community

tibco jasperreports_serverMatch6.3.0

tibco jasperreports_serverMatch6.3.2

tibco jasperreports_serverMatch6.3.3

tibco jasperreports_serverMatch6.4.0

tibco jasperreports_serverMatch6.4.2

Node

tibco jaspersoftRange≤6.4.2aws_with_multi-tenancy

tibco jaspersoft_reporting_and_analyticsRange≤6.4.2aws

[
  {
    "product": "TIBCO JasperReports Server",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "6.2.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "6.3.0"
      },
      {
        "status": "affected",
        "version": "6.3.2"
      },
      {
        "status": "affected",
        "version": "6.3.3"
      },
      {
        "status": "affected",
        "version": "6.4.0"
      },
      {
        "status": "affected",
        "version": "6.4.2"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server Community Edition",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "6.4.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO JasperReports Server for ActiveMatrix BPM",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "6.4.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO Jaspersoft for AWS with Multi-Tenancy",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "6.4.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO Jaspersoft Reporting and Analytics for AWS",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "6.4.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
tibco	www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5431

21 Nov 2024 04:08Current

5.4Medium risk

Vulners AI Score5.4

CVSS 23.5

CVSS 35.4 - 6.3

EPSS0.0025

CWE-79