Unrated severityNVD Advisory· Published Sep 20, 2022· Updated May 28, 2025

TIBCO Spotfire Server Blind SSRF vulnerability

CVE-2022-30579

Description

The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows a low privileged attacker with network access to execute blind Server Side Request Forgery (SSRF) on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 12.0.0 and TIBCO Spotfire Server: version 12.0.0.

Affected products

TIBCO Software/TIBCO Spotfire Analytics Platform for AWS Marketplacellm-create
Range: = 12.0.0
TIBCO Software/TIBCO Spotfire Serverllm-create
Range: = 12.0.0
TIBCO Software/Spotfire Analytics Platform For Awscpe-rescue
Range: 12.0.0
TIBCO Software/Tibco Spotfire Server Versionscpe-rescue
Range: 12.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tibco.com/services/support/advisoriesmitrex_refsource_CONFIRM
www.tibco.com/support/advisories/2022/09/tibco-security-advisory-september-20-2022-tibco-spotfire-cve-2022-30579mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000