Main Vulnerability Database Vulnerabilities #VU21212

#VU21212 Input validation error in TIBCO Spotfire for AWS and TIBCO Enterprise Runtime for R - Server Edition - CVE-2019-11210

Published: September 19, 2019

Vulnerability identifier: #VU21212

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2019-11210

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
TIBCO Spotfire for AWS
TIBCO Enterprise Runtime for R - Server Edition

Software vendor:
TIBCO

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to unspecified error. A remote unauthenticated attacker can execute arbitrary code on the target system and gain full control of the operating system account hosting the affected component.

Remediation

Install updates from vendor's website.

External links

http://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2019/09/tibco-security-advisory-september-17-2019-tibco-enterprise-runtime-for-r-server-2019-11210

#VU21212 Input validation error in TIBCO Spotfire for AWS and TIBCO Enterprise Runtime for R - Server Edition - CVE-2019-11210

Description

Remediation

External links

Please verify you're human