CVE-2018-5430
TIBCO JasperReports Server Information Disclosure Vulnerability
CVSS
—
No CVSS
EPSS
48.8%
p99
KEV
YES
Dec 29, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
Product
TIBCO / JasperReports
Vulnerability
TIBCO JasperReports Server Information Disclosure Vulnerability
Added to KEV
Dec 29, 2022
Remediate by
Jan 19, 2023
Known ransomware use
No
Summary description
TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.
Required action
Apply updates per vendor instructions.
Notes
https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430;https://nvd.nist.gov/vuln/detail/CVE-2018-5430