← Back to CVE List

CVE-2023-26221

Published: 2023-11-08T20:15Z
Last Modified: 2024-11-21T07:50Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with read/write access to craft malicious Analyst files. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s Spotfire Analyst: versions 12.3.0, 12.4.0, and 12.5.0, Spotfire Server: versions 12.3.0, 12.4.0, and 12.5.0, and Spotfire for AWS Marketplace: version 12.5.0. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt