Vulnerability Details CVE-2012-0690
TIBCO Spotfire Web Application, Web Player Application, Automation Services Application, and Analytics Client Application in Spotfire Analytics Server before 10.1.2; Server before 3.3.3; and Web Player, Automation Services, and Professional before 4.0.2 allow remote attackers to obtain sensitive information via a crafted URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.tibco.com/multimedia/spotfire_advisory_20120308_tcm8-15731.txt
- http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_20120308.jsp
- http://www.tibco.com/multimedia/spotfire_advisory_20120308_tcm8-15731.txt
- http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_20120308.jsp
Products affected by CVE-2012-0690
-
cpe:2.3:a:tibco:spotfire_analytics_server:10.0.0
-
cpe:2.3:a:tibco:spotfire_analytics_server:10.0.1
-
cpe:2.3:a:tibco:spotfire_professional:3.3.3
-
cpe:2.3:a:tibco:spotfire_professional:4.0.1
-
cpe:2.3:a:tibco:spotfire_server:3.0.0
-
cpe:2.3:a:tibco:spotfire_server:3.0.1
-
cpe:2.3:a:tibco:spotfire_server:3.1.0
-
cpe:2.3:a:tibco:spotfire_server:3.1.1
-
cpe:2.3:a:tibco:spotfire_server:3.2.0
-
cpe:2.3:a:tibco:spotfire_server:3.3.0
-
cpe:2.3:a:tibco:web_player_automation_services:*