CVE-2020-9408 TIBCO Spotfire Server Script Trust Problem Exposes Remote Code Execution Vulnerability

🗓️ 11 Mar 2020 19:55:12Reported by tibcoType

TIBCO Spotfire Server Script Trust Problem Exposes Remote Code Execution Vulnerabilit

Reporter	Title	Published	Views	Family All 5
CNVD	TIBCO Software Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server Remote Code Execution Vulnerabilities	12 Mar 202000:00	–	cnvd
CVE	CVE-2020-9408	11 Mar 202019:55	–	cve
EUVD	EUVD-2020-30228	7 Oct 202500:30	–	euvd
NVD	CVE-2020-9408	11 Mar 202020:15	–	nvd
Prion	Design/Logic Flaw	11 Mar 202020:15	–	prion

[
  {
    "product": "TIBCO Spotfire Analytics Platform for AWS Marketplace",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "10.8.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO Spotfire Server",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "7.11.9",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "7.12.0"
      },
      {
        "status": "affected",
        "version": "7.13.0"
      },
      {
        "status": "affected",
        "version": "7.14.0"
      },
      {
        "status": "affected",
        "version": "10.0.0"
      },
      {
        "status": "affected",
        "version": "10.0.1"
      },
      {
        "status": "affected",
        "version": "10.1.0"
      },
      {
        "status": "affected",
        "version": "10.2.0"
      },
      {
        "status": "affected",
        "version": "10.3.0"
      },
      {
        "status": "affected",
        "version": "10.3.1"
      },
      {
        "status": "affected",
        "version": "10.3.2"
      },
      {
        "status": "affected",
        "version": "10.3.3"
      },
      {
        "status": "affected",
        "version": "10.3.4"
      },
      {
        "status": "affected",
        "version": "10.3.5"
      },
      {
        "status": "affected",
        "version": "10.3.6"
      },
      {
        "status": "affected",
        "version": "10.4.0"
      },
      {
        "status": "affected",
        "version": "10.5.0"
      },
      {
        "status": "affected",
        "version": "10.6.0"
      },
      {
        "status": "affected",
        "version": "10.6.1"
      },
      {
        "status": "affected",
        "version": "10.7.0"
      },
      {
        "status": "affected",
        "version": "10.8.0"
      }
    ]
  }
]

Source	Link
tibco	www.tibco.com/support/advisories/2020/03/tibco-security-advisory-march-11-2020-tibco-spotfire-server
tibco	www.tibco.com/services/support/advisories

11 Mar 2020 19:55Current

8.8High risk

Vulners AI Score8.8

CVSS 39.9

EPSS0.00241