CVE-2023-26221
CVSS V2 None
CVSS V3 None
Description
The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with read/write access to craft malicious Analyst files. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s Spotfire Analyst: versions 12.3.0, 12.4.0, and 12.5.0, Spotfire Server: versions 12.3.0, 12.4.0, and 12.5.0, and Spotfire for AWS Marketplace: version 12.5.0.
Overview
- CVE ID
- CVE-2023-26221
- Assigner
- tibco
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-08T19:44:03.634Z
- Last Modified Date
- 2023-11-08T19:44:03.634Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.tibco.com/services/support/advisories |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-26221 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26221 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 23:17:07 | Added to TrackCVE |