CVE-2013-2371

TIBCO Spotfire Statistics Services 3.3.x-4.5.x, 5.0.x - Exposure of Sensitive Information via Web API

Title source: llm

Description

The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request.

References (3)

Core 3

Core References

Vendor Advisory x_refsource_confirm

http://www.tibco.com/services/support/advisories/spotfire-advisory_20130313.jsp

Vendor Advisory x_refsource_confirm

http://www.tibco.com/mk/advisory.jsp

Vendor Advisory x_refsource_confirm

http://www.tibco.com/multimedia/spotfire-statistics-services-advisory-2013-03-12_tcm8-18479.txt

Scores

EPSS 0.0045

EPSS Percentile 64.0%

Details

CWE

CWE-200

Status published

Products (3)

tibco/spotfire_statistics_services 3.3

tibco/spotfire_statistics_services 4.5.0

tibco/spotfire_statistics_services 5.0.0

Published Mar 15, 2013

Tracked Since Feb 18, 2026