Product: TIBCO Spotfire®
Security Advisory for TIBCO Spotfire Statistics Services
Resolution:
TIBCO Spotfire Statistics Services vulnerabilities
Original release date: March 13, 2013
Last revised: --
Source: TIBCO Software Inc.
Systems Affected
TIBCO Spotfire Statistics Services version 3.3.0
TIBCO Spotfire Statistics Services version 4.5.0
TIBCO Spotfire Statistics Services version 5.0.0
The following components are affected:
* TIBCO Spotfire Statistics Server Web API
Description
The TIBCO Spotfire Statistics Services components listed above contain
a critical vulnerability in the handling of HTTP requests which may result
in information disclosure.
TIBCO has released updated versions of the affected software products
which address these issues. TIBCO strongly recommends sites running the
affected components install the applicable update as described below.
Impact
The impact of this vulnerability is information disclosure.
Solution
For each affected system, update to the corresponding software versions:
TIBCO Spotfire Statistics Services version 3.3.X version 3.3.1 or higher
TIBCO Spotfire Statistics Services version 4.5.X version 4.5.1 or higher
TIBCO Spotfire Statistics Services version 5.0.1 or higher
References
http://www.tibco.com/mk/advisory.jsp
CVE: CVE-2013-2371
Please see the web site listed above for any updates to this advisory
Comments
0 comments
Article is closed for comments.