nvd-json-data-feeds/CVE-2024/CVE-2024-33xx/CVE-2024-3331.json

{
  "id": "CVE-2024-3331",
  "sourceIdentifier": "security@tibco.com",
  "published": "2024-06-27T19:15:15.153",
  "lastModified": "2024-06-27T19:25:12.067",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user running the affected software..This issue affects Spotfire Enterprise Runtime for R - Server Edition: from 1.12.7 through 1.20.0; Spotfire Statistics Services: from 12.0.7 through 12.3.1, from 14.0.0 through 14.3.0; Spotfire Analyst: from 12.0.9 through 12.5.0, from 14.0.0 through 14.3.0; Spotfire Desktop: from 14.0 through 14.3.0; Spotfire Server: from 12.0.10 through 12.5.0, from 14.0.0 through 14.3.0."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en Spotfire Spotfire Enterprise Runtime para R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server permite El impacto de esta vulnerabilidad depende de los privilegios del usuario que ejecuta el software afectado. Este problema afecta Spotfire Enterprise Runtime para R - Server Edition: desde 1.12.7 hasta 1.20.0; Servicios de estad\u00edsticas de Spotfire: de 12.0.7 a 12.3.1, de 14.0.0 a 14.3.0; Spotfire Analyst: del 12.0.9 al 12.5.0, del 14.0.0 al 14.3.0; Spotfire Desktop: de 14.0 a 14.3.0; Servidor Spotfire: desde 12.0.10 hasta 12.5.0, desde 14.0.0 hasta 14.3.0."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security@tibco.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.0
      }
    ]
  },
  "references": [
    {
      "url": "https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-june-262024-spotfire-cve-2024-3331-r3436/",
      "source": "security@tibco.com"
    }
  ]
}
Auto-Update: 2024-06-27T20:00:19.145330+00:00 2024-06-27 20:03:12 +00:00			`{`
			`"id": "CVE-2024-3331",`
			`"sourceIdentifier": "security@tibco.com",`
			`"published": "2024-06-27T19:15:15.153",`
			`"lastModified": "2024-06-27T19:25:12.067",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2024-07-14T02:00:17.787041+00:00 2024-07-14 02:06:08 +00:00			`"cveTags": [],`
Auto-Update: 2024-06-27T20:00:19.145330+00:00 2024-06-27 20:03:12 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			"value": "Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user running the affected software..This issue affects Spotfire Enterprise Runtime for R - Server Edition: from 1.12.7 through 1.20.0; Spotfire Statistics Services: from 12.0.7 through 12.3.1, from 14.0.0 through 14.3.0; Spotfire Analyst: from 12.0.9 through 12.5.0, from 14.0.0 through 14.3.0; Spotfire Desktop: from 14.0 through 14.3.0; Spotfire Server: from 12.0.10 through 12.5.0, from 14.0.0 through 14.3.0."
Auto-Update: 2024-07-14T02:00:17.787041+00:00 2024-07-14 02:06:08 +00:00			`},`
			`{`
			`"lang": "es",`
			"value": "Vulnerabilidad en Spotfire Spotfire Enterprise Runtime para R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server permite El impacto de esta vulnerabilidad depende de los privilegios del usuario que ejecuta el software afectado. Este problema afecta Spotfire Enterprise Runtime para R - Server Edition: desde 1.12.7 hasta 1.20.0; Servicios de estad\u00edsticas de Spotfire: de 12.0.7 a 12.3.1, de 14.0.0 a 14.3.0; Spotfire Analyst: del 12.0.9 al 12.5.0, del 14.0.0 al 14.3.0; Spotfire Desktop: de 14.0 a 14.3.0; Servidor Spotfire: desde 12.0.10 hasta 12.5.0, desde 14.0.0 hasta 14.3.0."
Auto-Update: 2024-06-27T20:00:19.145330+00:00 2024-06-27 20:03:12 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "security@tibco.com",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "REQUIRED",`
			`"scope": "CHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "NONE",`
			`"availabilityImpact": "NONE",`
			`"baseScore": 6.8,`
			`"baseSeverity": "MEDIUM"`
			`},`
			`"exploitabilityScore": 2.3,`
			`"impactScore": 4.0`
			`}`
			`]`
			`},`
			`"references": [`
			`{`
			`"url": "https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-june-262024-spotfire-cve-2024-3331-r3436/",`
			`"source": "security@tibco.com"`
			`}`
			`]`
			`}`