Spotfire Statistics Services
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-29268 | Cri | 0.64 | 9.8 | 0.01 | Apr 26, 2023 | The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that allows an unauthenticated remote attacker to upload or modify arbitrary files within the web server directory on the affected system. Affected releases are TIBCO… | ||
| CVE-2018-12410 | Cri | 0.64 | 9.8 | 0.04 | Oct 10, 2018 | The web server component of TIBCO Software Inc's Spotfire Statistics Services contains multiple vulnerabilities that may allow the remote execution of code. Without needing to authenticate, an attacker may be able to remotely execute code with the permissions of the system… | ||
| CVE-2021-28830 | Hig | 0.57 | 8.8 | 0.00 | Jun 29, 2021 | The TIBCO Spotfire Server and TIBCO Enterprise Runtime for R components of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Spotfire Analytics Platform… | ||
| CVE-2021-23275 | Hig | 0.57 | 8.8 | 0.00 | Jun 29, 2021 | The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire… | ||
| CVE-2019-11204 | Hig | 0.57 | 8.8 | 0.02 | May 14, 2019 | The web interface component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that might theoretically allow an authenticated user to access sensitive information needed by the Spotfire Statistics Services server. The sensitive information that… | ||
| CVE-2024-3331 | Med | 0.44 | 6.8 | 0.00 | Jun 27, 2024 | Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user… | ||
| CVE-2013-2371 | 0.00 | — | 0.02 | Mar 15, 2013 | The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request. |
- risk 0.64cvss 9.8epss 0.01
The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that allows an unauthenticated remote attacker to upload or modify arbitrary files within the web server directory on the affected system. Affected releases are TIBCO…
- risk 0.64cvss 9.8epss 0.04
The web server component of TIBCO Software Inc's Spotfire Statistics Services contains multiple vulnerabilities that may allow the remote execution of code. Without needing to authenticate, an attacker may be able to remotely execute code with the permissions of the system…
- risk 0.57cvss 8.8epss 0.00
The TIBCO Spotfire Server and TIBCO Enterprise Runtime for R components of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Spotfire Analytics Platform…
- risk 0.57cvss 8.8epss 0.00
The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire…
- risk 0.57cvss 8.8epss 0.02
The web interface component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that might theoretically allow an authenticated user to access sensitive information needed by the Spotfire Statistics Services server. The sensitive information that…
- risk 0.44cvss 6.8epss 0.00
Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user…
- CVE-2013-2371Mar 15, 2013risk 0.00cvss —epss 0.02
The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request.