CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-11210

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0430%
EPSS Percentile26.29th
Published2019年9月18日
Last Modified2024年11月21日

Vulnerability Description

The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an unauthenticated user to bypass access controls and remotely execute code using the operating system account hosting the affected component. This issue affects: TIBCO Enterprise Runtime for R - Server Edition versions 1.2.0 and below, and TIBCO Spotfire Analytics Platform for AWS Marketplace versions 10.4.0 and 10.5.0.

Affected Platforms (CPE)

📦
Tibco

Enterprise Runtime For R

<= 1.2.0
📦
Tibco

Spotfire Analytics Platform For Aws

= 10.4.0
📦
Tibco

Spotfire Analytics Platform For Aws

= 10.5.0

References & Advisories

🔗 http://www.tibco.com/services/support/advisories
🔗 https://www.tibco.com/support/advisories/2019/09/tibco-security-advisory-september-17-2019-tibco-enterprise-runtime-for-r-server-2019-11210
🔗 http://www.tibco.com/services/support/advisories
🔗 https://www.tibco.com/support/advisories/2019/09/tibco-security-advisory-september-17-2019-tibco-enterprise-runtime-for-r-server-2019-11210

関連する脆弱性情報

CVE-2019-112119.9

The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platfo...

CVE-2021-288279.6

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterpri...

CVE-2021-232758.8

The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runt...

CVE-2021-288308.8

The TIBCO Spotfire Server and TIBCO Enterprise Runtime for R components of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - ...