Lucene search

[email protected]NVD:CVE-2013-2371

HistoryMar 15, 2013 - 10:55 p.m.

CVE-2013-2371

2013-03-1522:55:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

70.5%

JSON

The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request.

Affected configurations

Nvd

Node

tibcospotfire_statistics_servicesMatch3.3

Node

tibcospotfire_statistics_servicesMatch4.5.0

Node

tibcospotfire_statistics_servicesMatch5.0.0

VendorProductVersionCPE
tibcospotfire_statistics_services3.3cpe:2.3:a:tibco:spotfire_statistics_services:3.3:*:*:*:*:*:*:*
tibcospotfire_statistics_services4.5.0cpe:2.3:a:tibco:spotfire_statistics_services:4.5.0:*:*:*:*:*:*:*
tibcospotfire_statistics_services5.0.0cpe:2.3:a:tibco:spotfire_statistics_services:5.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tibco	spotfire_statistics_services	3.3	cpe:2.3:a:tibco:spotfire_statistics_services:3.3:::::::*
tibco	spotfire_statistics_services	4.5.0	cpe:2.3:a:tibco:spotfire_statistics_services:4.5.0:::::::*
tibco	spotfire_statistics_services	5.0.0	cpe:2.3:a:tibco:spotfire_statistics_services:5.0.0:::::::*

References

www.tibco.com/mk/advisory.jsp

www.tibco.com/multimedia/spotfire-statistics-services-advisory-2013-03-12_tcm8-18479.txt

www.tibco.com/services/support/advisories/spotfire-advisory_20130313.jsp

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

70.5%

JSON

Related for NVD:CVE-2013-2371

cvelist1 prion1 cve1