Show plain JSON{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_statistics_services:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E117CD59-2503-4D42-AEDF-C25A16050EA9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_statistics_services:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "AB94D044-9222-4BE2-9CA8-4582719941D2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_statistics_services:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "276A6090-AE33-4AB2-8D4F-CA54889A6B15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request."}, {"lang": "es", "value": "La API Web en el Statistics Server en TIBCO Spotfire Statistics Services v3.3.x anterior a v3.3.1, v4.5.x anterior a v4.5.1, y v5.0.x anterior a v5.0.1 permite a atacantes remotos obtener informaci\u00f3n sensible mediante una solicitud HTTP."}], "id": "CVE-2013-2371", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-03-15T22:55:00.913", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/mk/advisory.jsp"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/multimedia/spotfire-statistics-services-advisory-2013-03-12_tcm8-18479.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/services/support/advisories/spotfire-advisory_20130313.jsp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/mk/advisory.jsp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/multimedia/spotfire-statistics-services-advisory-2013-03-12_tcm8-18479.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/services/support/advisories/spotfire-advisory_20130313.jsp"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]} 
ReportizFlow
MITRE
Vulnrichment
NVD
Redhat