Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2021-23273

Published: 09/03/2021 Updated: 07/11/2023
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Tibco

Vulnerability Summary

The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a stored Cross Site Scripting (XSS) attack on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions 10.3.3 and below, versions 10.10.0, 10.10.1, and 10.10.2, versions 10.7.0, 10.8.0, 10.9.0, 11.0.0, and 11.1.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions 11.1.0 and below, TIBCO Spotfire Desktop: versions 10.3.3 and below, versions 10.10.0, 10.10.1, and 10.10.2, versions 10.7.0, 10.8.0, 10.9.0, 11.0.0, and 11.1.0, and TIBCO Spotfire Server: versions 10.3.11 and below, versions 10.10.0, 10.10.1, 10.10.2, and 10.10.3, versions 10.7.0, 10.8.0, 10.8.1, 10.9.0, 11.0.0, and 11.1.0.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tibco spotfire server 10.7.0

tibco spotfire server 10.8.0

tibco spotfire server 10.8.1

tibco spotfire server 10.9.0

tibco spotfire server 10.10.0

tibco spotfire server 10.10.1

tibco spotfire desktop 10.8.0

tibco spotfire desktop 10.9.0

tibco spotfire desktop 10.10.0

tibco spotfire desktop 10.7.0

tibco spotfire analyst 10.8.0

tibco spotfire analyst 10.9.0

tibco spotfire analyst 10.10.0

tibco spotfire analyst 10.7.0

tibco spotfire server 11.1.0

tibco spotfire server 10.10.2

tibco spotfire server 10.10.3

tibco spotfire server 11.0.0

tibco spotfire server

tibco spotfire desktop 10.10.2

tibco spotfire desktop

tibco spotfire desktop 11.0.0

tibco spotfire desktop 11.1.0

tibco spotfire desktop 10.10.1

tibco analytics platform

tibco spotfire analyst 10.10.2

tibco spotfire analyst

tibco spotfire analyst 11.0.0

tibco spotfire analyst 11.1.0

tibco spotfire analyst 10.10.1

References

CWE-79http://www.tibco.com/services/support/advisorieshttps://www.tibco.com/support/advisories/2021/03/tibco-security-advisory-march-9-2021-tibco-spotfirehttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook