Vulnerabilities > Tibco > Spotfire Analytics Platform FOR AWS > 10.4.0

DATE CVE VULNERABILITY TITLE RISK
2020-03-11 CVE-2020-9408 Incorrect Default Permissions vulnerability in Tibco products
The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker with write permissions to the Spotfire Library, but not "Script Author" group permission, to modify attributes of files and objects saved to the library such that the system treats them as trusted.
network
low complexity
tibco CWE-276
critical
 9.0
9.0
2019-09-18 CVE-2019-11211 Unspecified vulnerability in Tibco products
The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an authenticated user to trigger remote code execution in certain circumstances.
network
low complexity
tibco
critical
 9.0
9.0
2019-09-18 CVE-2019-11210 Unspecified vulnerability in Tibco products
The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an unauthenticated user to bypass access controls and remotely execute code using the operating system account hosting the affected component.
network
low complexity
tibco
critical
 10.0
10