Description
Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.tibco.com/services/support/advisories/default.jsp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1025999
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45864
Vendor Advisory x_refsource_confirm
http://www.tibco.com/multimedia/spotfire_advisory_20110831_tcm8-14230.txt
Scores
EPSS
0.0038
EPSS Percentile
59.4%
Details
Status
published
Products (8)
tibco/spotfire_analytics_server
10.0.0
tibco/spotfire_analytics_server
< 10.0.1
tibco/spotfire_server
3.0.0
tibco/spotfire_server
3.0.1
tibco/spotfire_server
3.1.0
tibco/spotfire_server
3.1.1
tibco/spotfire_server
3.2.0
tibco/spotfire_server
3.3.0
Published
Sep 02, 2011
Tracked Since
Feb 18, 2026