CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-11211

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.0340%
EPSS Percentile14.76th
Published2019年9月18日
Last Modified2024年11月21日

Vulnerability Description

The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an authenticated user to trigger remote code execution in certain circumstances. When the affected component runs with the containerized TERR service on Linux the host can theoretically be tricked into running malicious code. This issue affects: TIBCO Enterprise Runtime for R - Server Edition version 1.2.0 and below, and TIBCO Spotfire Analytics Platform for AWS Marketplace 10.4.0; 10.5.0.

Affected Platforms (CPE)

📦
Tibco

Enterprise Runtime For R

<= 1.2.0
📦
Tibco

Spotfire Analytics Platform For Aws

= 10.4.0
📦
Tibco

Spotfire Analytics Platform For Aws

= 10.5.0

References & Advisories

🔗 http://www.tibco.com/services/support/advisories
🔗 https://www.tibco.com/support/advisories/2019/09/tibco-security-advisory-september-17-2019-tibco-enterprise-runtime-for-r-server-2019-11211
🔗 http://www.tibco.com/services/support/advisories
🔗 https://www.tibco.com/support/advisories/2019/09/tibco-security-advisory-september-17-2019-tibco-enterprise-runtime-for-r-server-2019-11211

関連する脆弱性情報

CVE-2019-1121010.0

The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platfo...

CVE-2021-288279.6

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterpri...

CVE-2021-232758.8

The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runt...

CVE-2021-288308.8

The TIBCO Spotfire Server and TIBCO Enterprise Runtime for R components of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - ...