CVE-2013-2371
Summary
| CVE | CVE-2013-2371 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-03-15 22:55:00 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
NoneAvailability
NoneAV:N/AC:L/Au:N/C:P/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Tibco | Spotfire Statistics Services | 3.3 | All | All | All |
| Application | Tibco | Spotfire Statistics Services | 4.5.0 | All | All | All |
| Application | Tibco | Spotfire Statistics Services | 5.0.0 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Advisory | TIBCO Software | af854a3a-2127-422b-91ae-364da2661108 | www.tibco.com | Vendor Advisory |
| 404 Not Found | af854a3a-2127-422b-91ae-364da2661108 | www.tibco.com | Vendor Advisory |
| TIBCO Spotfire® Statistics Services, TIBCO Spotfire Web Player | TIBCO | af854a3a-2127-422b-91ae-364da2661108 | www.tibco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.