Vulnerability Details CVE-2018-12409
The SOAP Admin API component of TIBCO Software Inc.'s TIBCO Silver Fabric contains a vulnerability that may allow reflected cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Silver Fabric: versions up to and including 5.8.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/107024
- http://www.tibco.com/services/support/advisories
- https://www.tibco.com/support/advisories/2019/02/tibco-security-advisory-february-13-2019-tibco-silver-fabric
- http://www.securityfocus.com/bid/107024
- http://www.tibco.com/services/support/advisories
- https://www.tibco.com/support/advisories/2019/02/tibco-security-advisory-february-13-2019-tibco-silver-fabric
Products affected by CVE-2018-12409
-
cpe:2.3:a:tibco:silver_fabric:5.5.0
-
cpe:2.3:a:tibco:silver_fabric:5.5.1
-
cpe:2.3:a:tibco:silver_fabric:5.6.0
-
cpe:2.3:a:tibco:silver_fabric:5.7.0
-
cpe:2.3:a:tibco:silver_fabric:5.7.1
-
cpe:2.3:a:tibco:silver_fabric:5.8.0
-
cpe:2.3:a:tibco:silver_fabric:5.8.1