Information disclosure

2017-06-2914:29:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.5%

JSON

JasperReports library components contain an information disclosure vulnerability. This vulnerability includes the theoretical disclosure of any accessible information from the host file system. Affects TIBCO JasperReports Library Community Edition (versions 6.4.0 and below), TIBCO JasperReports Library for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO JasperReports Professional (versions 6.2.1 and below, and 6.3.0), TIBCO JasperReports Server (versions 6.1.1 and below, 6.2.0, 6.2.1, 6.3.0), TIBCO JasperReports Server Community Edition (versions 6.3.0 and below), TIBCO JasperReports Server for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO Jaspersoft for AWS with Multi-Tenancy (versions 6.3.0 and below), TIBCO Jaspersoft Reporting and Analytics for AWS (versions 6.3.0 and below), and TIBCO Jaspersoft Studio for ActiveMatrix BPM (versions 6.2.0 and below).

CPENameOperatorVersion
jasperreports_library_community_editionle6.4.0
jasperreports_library_for_activematrix_bpmle6.2.0
jasperreports_professionaleq6.3.0
jasperreports_professionalle6.2.1
jasperreports_serverle6.1.1
jasperreports_servereq6.2.1
jasperreports_servereq6.3.0
jasperreports_servereq6.2.0
jasperreports_server_community_editionle6.3.0
jasperreports_server_for_activematrix_bpmle6.2.0

Name	Operator	Version
jasperreports_library_community_edition	le	6.4.0
jasperreports_library_for_activematrix_bpm	le	6.2.0
jasperreports_professional	eq	6.3.0
jasperreports_professional	le	6.2.1
jasperreports_server	le	6.1.1
jasperreports_server	eq	6.2.1
jasperreports_server	eq	6.3.0
jasperreports_server	eq	6.2.0
jasperreports_server_community_edition	le	6.3.0
jasperreports_server_for_activematrix_bpm	le	6.2.0