Vulnerability Change Records for CVE-2018-18808

Change History

Initial Analysis 3/11/2019 2:53:37 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:tibco:jasperreports_server:*:*:*:*:*:*:*:* versions up to (including) 6.3.4
     *cpe:2.3:a:tibco:jasperreports_server:6.4.0:*:*:*:*:*:*:*
     *cpe:2.3:a:tibco:jasperreports_server:6.4.1:*:*:*:*:*:*:*
     *cpe:2.3:a:tibco:jasperreports_server:6.4.2:*:*:*:*:*:*:*
     *cpe:2.3:a:tibco:jasperreports_server:6.4.3:*:*:*:*:*:*:*
     *cpe:2.3:a:tibco:jasperreports_server:*:*:*:*:*:activematrix_bpm:*:* versions up to (including) 6.4.3
     *cpe:2.3:a:tibco:jasperreports_server:7.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:tibco:jasperreports_server:*:*:*:*:community:*:*:* versions up to (including) 7.1.0
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:tibco:jaspersoft:*:*:*:*:*:aws_with_multi-tenancy:*:* versions up to (including) 7.1.0
     *cpe:2.3:a:tibco:jaspersoft_reporting_and_analytics:*:*:*:*:*:aws:*:* versions up to (including) 7.1.0
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:S/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-362
Changed Reference Type
http://www.tibco.com/services/support/advisories No Types Assigned
http://www.tibco.com/services/support/advisories Vendor Advisory
Changed Reference Type
https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-server-2018-18808 No Types Assigned
https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-server-2018-18808 Vendor Advisory

CVE Modified by TIBCO Software Inc. 10/09/2019 7:37:26 PM

Action Type Old Value New Value
Added CVSS V3

								
							
							
						
TIBCO Software Inc. AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Modified Analysis 3/14/2019 1:12:41 PM

Action Type Old Value New Value
Changed Reference Type
http://www.securityfocus.com/bid/107350 No Types Assigned
http://www.securityfocus.com/bid/107350 Third Party Advisory, VDB Entry

CVE Modified by TIBCO Software Inc. 3/12/2019 6:29:02 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/107350 [No Types Assigned]