RSS   Vulnerabilities for
'Jasperreports server for activematrix bpm'
   RSS

2017-06-29
 
CVE-2017-5529

CWE-200
 

 
JasperReports library components contain an information disclosure vulnerability. This vulnerability includes the theoretical disclosure of any accessible information from the host file system. Affects TIBCO JasperReports Library Community Edition (versions 6.4.0 and below), TIBCO JasperReports Library for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO JasperReports Professional (versions 6.2.1 and below, and 6.3.0), TIBCO JasperReports Server (versions 6.1.1 and below, 6.2.0, 6.2.1, 6.3.0), TIBCO JasperReports Server Community Edition (versions 6.3.0 and below), TIBCO JasperReports Server for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO Jaspersoft for AWS with Multi-Tenancy (versions 6.3.0 and below), TIBCO Jaspersoft Reporting and Analytics for AWS (versions 6.3.0 and below), and TIBCO Jaspersoft Studio for ActiveMatrix BPM (versions 6.2.0 and below).

 
 
CVE-2017-5528

 

 
Multiple JasperReports Server components contain vulnerabilities which may allow authorized users to perform cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The impact of this vulnerability includes the theoretical disclosure of sensitive information. Affects TIBCO JasperReports Server (versions 6.1.1 and below, 6.2.0, 6.2.1, and 6.3.0), TIBCO JasperReports Server Community Edition (versions 6.3.0 and below), TIBCO JasperReports Server for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO Jaspersoft for AWS with Multi-Tenancy (versions 6.2.0 and below), and TIBCO Jaspersoft Reporting and Analytics for AWS (versions 6.2.0 and below).

 

 >>> Vendor: Tibco 98 Products
HAWK
Hawk monitoring agent
Runtime agent
Rendezvous
Smart pgm fx
Enterprise message service
Rtworks
Smartsockets rtserver
Adapter files z os
Iprocess engine
Rendezvous datasecurity
Rendezvous tx
Substantiation es
Mainframe service tracker
Smartsockets
Administrator
Activematrix businessworks service engine
Activematrix service bus
Activematrix service grid
Activematrix service performance manager
Activematrix bpm
Silver bpm service
Silver cap service
Activecatalog
Collaborative information manager
Silver businessworks service
Tibbr
Tibbr service
Iprocess workspace
Spotfire analytics server
Spotfire server
Managed file transfer command center
Managed file transfer internet server
Slingshot
Activematrix businessworks
Businessevents
Silver fabric activematrix service grid distribution
Spotfire professional
Web player automation services
Formvine
Spotfire statistics services
Spotfire web player
Silver mobile
Enterprise administrator
Enterprise administrator sdk
Messaging appliance
Analyst
Automation services
Deployment kit
Desktop
Web player
Vault
Silver fabric enabler
Spotfire deployment kit
Activematrix management agent
Activematrix policy agent
Activematrix policy manager
Silver fabric enabler for spotfire webplayer
Spotfire analyst
Spotfire analytics platform for aws
Spotfire automation services
Spotfire desktop
Spotfire desktop language packs
Rendezvous network server
Substation es
Loglogic unity
Enterprise message service appliance
Enterprise message service appliance firmware
Jasperreports server community edition
Jasperreports server for activematrix bpm
Jasperreports server
Jaspersoft for aws with multitenancy
Jaspersoft reporting and analytics for aws
Jasperreports library community edition
Jaspersoft studio for activematrix bpm
Jasperreports professional
Jaspersoft for aws with multi-tenancy
Jasperreports library for activematrix bpm
Jasperreports library
Jaspersoft
Jaspersoft reporting and analytics
Jaspersoft studio
Businessworks process monitor
Datasynapse gridserver manager
Data virtualization
Silver fabric enabler for spotfire web player
Spotfire connectors
Spotfire client
Spotfire web player client
Activematrix businessworks distribution for tibco silver fabric
Statistica server
Activespaces
Messaging - apache kafka distribution - schema repository
Rendezvous for z/linux
Rendezvous for z/os
Silver fabric
Data science for aws
Spotfire data science


Copyright 2019, cxsecurity.com

 

Back to Top