Strix
26.1K

CVE-2018-5437

UnknownEPSS 0.93%

Last modified

CVE-2018-5437 is a vulnerability of currently unknown severity. The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0.. EPSS estimates a 0.93% chance of exploitation in the next 30 days.

Description

The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0.

Metrics

EPSS Probability
0.93%

56.1th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
TibcoSpotfire Analyst<= 7.8.0
TibcoSpotfire Analyst7.9.0
TibcoSpotfire Analyst7.9.1
TibcoSpotfire Analyst7.10.0
TibcoSpotfire Analyst7.10.1
TibcoSpotfire Analyst7.11.0
TibcoSpotfire Analyst7.12.0
TibcoSpotfire Analytics Platform For Aws<= 7.12.0
TibcoSpotfire Deployment Kit<= 7.8.0
TibcoSpotfire Deployment Kit7.9.0
TibcoSpotfire Deployment Kit7.9.1
TibcoSpotfire Deployment Kit7.10.0
TibcoSpotfire Deployment Kit7.10.1
TibcoSpotfire Deployment Kit7.11.0
TibcoSpotfire Deployment Kit7.12.0
TibcoSpotfire Desktop<= 7.8.0
TibcoSpotfire Desktop7.9.0
TibcoSpotfire Desktop7.9.1
TibcoSpotfire Desktop7.10.0
TibcoSpotfire Desktop7.10.1
TibcoSpotfire Desktop7.11.0
TibcoSpotfire Desktop7.12.0
TibcoSpotfire Desktop Language Packs<= 7.8.0
TibcoSpotfire Desktop Language Packs7.9.0
TibcoSpotfire Desktop Language Packs7.9.1
TibcoSpotfire Desktop Language Packs7.10.0
TibcoSpotfire Desktop Language Packs7.10.1
TibcoSpotfire Desktop Language Packs7.11.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2018-5437?
The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0.
How severe is CVE-2018-5437?
Severity scoring for CVE-2018-5437 is pending analysis. The EPSS model estimates a 0.93% probability of exploitation in the next 30 days.
How do I fix CVE-2018-5437?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-5437?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST