Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for TIBCO Patterns - Search by TIBCO Software Inc.

    CVE-2019-17338 (GCVE-0-2019-17338)

    Vulnerability from nvd – Published: 2020-01-28 18:00 – Updated: 2024-09-17 01:36
    VLAI
    Title
    TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities
    Summary
    The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Patterns - Search: versions 5.4.0 and below.
    CWE
    • The impact of these vulnerabilities includes the theoretical possibility that an attacker could gain all privileges available via the affected component.
    Assigner
    References
    Impacted products
    Vendor Product Version
    TIBCO Software Inc. TIBCO Patterns - Search Affected: unspecified , ≤ 5.4.0 (custom)
    Create a notification for this product.
    Date Public
    2020-01-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T01:40:14.472Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/services/support/advisories"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TIBCO Patterns - Search",
              "vendor": "TIBCO Software Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "5.4.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-01-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The user interface component of TIBCO Software Inc.\u0027s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.\u0027s TIBCO Patterns - Search: versions 5.4.0 and below."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "The impact of these vulnerabilities includes the theoretical possibility that an attacker could gain all privileges available via the affected component.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-28T18:00:20.000Z",
            "orgId": "4f830c72-39e4-45f6-a99f-78cc01ae04db",
            "shortName": "tibco"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/services/support/advisories"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Patterns - Search versions 5.4.0 and below update to version 5.5.0 or higher"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@tibco.com",
              "DATE_PUBLIC": "2020-01-28T17:00:00Z",
              "ID": "CVE-2019-17338",
              "STATE": "PUBLIC",
              "TITLE": "TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "TIBCO Patterns - Search",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "5.4.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TIBCO Software Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The user interface component of TIBCO Software Inc.\u0027s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.\u0027s TIBCO Patterns - Search: versions 5.4.0 and below."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "The impact of these vulnerabilities includes the theoretical possibility that an attacker could gain all privileges available via the affected component."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.tibco.com/services/support/advisories",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/services/support/advisories"
                },
                {
                  "name": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns",
                  "refsource": "CONFIRM",
                  "url": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Patterns - Search versions 5.4.0 and below update to version 5.5.0 or higher"
              }
            ],
            "source": {
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4f830c72-39e4-45f6-a99f-78cc01ae04db",
        "assignerShortName": "tibco",
        "cveId": "CVE-2019-17338",
        "datePublished": "2020-01-28T18:00:20.291Z",
        "dateReserved": "2019-10-07T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:36:54.758Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-17338 (GCVE-0-2019-17338)

    Vulnerability from cvelistv5 – Published: 2020-01-28 18:00 – Updated: 2024-09-17 01:36
    VLAI
    Title
    TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities
    Summary
    The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Patterns - Search: versions 5.4.0 and below.
    CWE
    • The impact of these vulnerabilities includes the theoretical possibility that an attacker could gain all privileges available via the affected component.
    Assigner
    References
    Impacted products
    Vendor Product Version
    TIBCO Software Inc. TIBCO Patterns - Search Affected: unspecified , ≤ 5.4.0 (custom)
    Create a notification for this product.
    Date Public
    2020-01-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T01:40:14.472Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tibco.com/services/support/advisories"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TIBCO Patterns - Search",
              "vendor": "TIBCO Software Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "5.4.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-01-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The user interface component of TIBCO Software Inc.\u0027s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.\u0027s TIBCO Patterns - Search: versions 5.4.0 and below."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "The impact of these vulnerabilities includes the theoretical possibility that an attacker could gain all privileges available via the affected component.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-28T18:00:20.000Z",
            "orgId": "4f830c72-39e4-45f6-a99f-78cc01ae04db",
            "shortName": "tibco"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tibco.com/services/support/advisories"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Patterns - Search versions 5.4.0 and below update to version 5.5.0 or higher"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@tibco.com",
              "DATE_PUBLIC": "2020-01-28T17:00:00Z",
              "ID": "CVE-2019-17338",
              "STATE": "PUBLIC",
              "TITLE": "TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "TIBCO Patterns - Search",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "5.4.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TIBCO Software Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The user interface component of TIBCO Software Inc.\u0027s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.\u0027s TIBCO Patterns - Search: versions 5.4.0 and below."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "The impact of these vulnerabilities includes the theoretical possibility that an attacker could gain all privileges available via the affected component."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.tibco.com/services/support/advisories",
                  "refsource": "CONFIRM",
                  "url": "http://www.tibco.com/services/support/advisories"
                },
                {
                  "name": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns",
                  "refsource": "CONFIRM",
                  "url": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Patterns - Search versions 5.4.0 and below update to version 5.5.0 or higher"
              }
            ],
            "source": {
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4f830c72-39e4-45f6-a99f-78cc01ae04db",
        "assignerShortName": "tibco",
        "cveId": "CVE-2019-17338",
        "datePublished": "2020-01-28T18:00:20.291Z",
        "dateReserved": "2019-10-07T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:36:54.758Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }