CVE-2022-30579

High

Description

The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a difficult-to-exploit vulnerability that allows a low-privileged attacker with network access to execute blind Server-Side Request Forgery (SSRF) on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 12.0.0 and TIBCO Spotfire Server: version 12.0.0.

References

https://www.tibco.com/support/advisories/2022/09/tibco-security-advisory-september-20-2022-tibco-spotfire-cve-2022-30579

https://www.tibco.com/services/support/advisories

Details

Source: Mitre, NVD

Published: 2022-09-20

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:P

Severity: Medium

CVSS v3

Base Score: 8.4

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L

Severity: High

EPSS

EPSS: 0.00114