cnvd - cnvd-2020-34447

cnvd-2020-34447

Vulnerability from cnvd

Title: TIBCO Software TIBCO JasperReports Server权限提升漏洞

Description:

TIBCO Software JasperReports Server是美国TIBCO Software公司的一款可嵌入的报告服务器，它提供可以嵌入到Web或移动设备中的报告和分析功能。

TIBCO Software TIBCO JasperReports Server 7.1.1及之前版本、TIBCO JasperReports Server for AWS Marketplace 7.1.1及之前版本和TIBCO JasperReports Server for ActiveMatrix BPM 7.1.1及之前版本中的UI管理组件存在安全漏洞。攻击者可利用该漏洞获取JasperReports Server的超级用户权限，执行任意代码。

Severity: 高

Patch Name: TIBCO Software TIBCO JasperReports Server权限提升漏洞的补丁

Patch Description:

TIBCO Software JasperReports Server是美国TIBCO Software公司的一款可嵌入的报告服务器，它提供可以嵌入到Web或移动设备中的报告和分析功能。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.tibco.com/support/advisories/2020/05/tibco-security-advisory-may-19-2020-tibco-jasperreports-server

Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-9409

Impacted products

Name
['TIBCO Software TIBCO JasperReports Server <=7.1.1', 'TIBCO Software TIBCO JasperReports Server for AWS Marketplace <=7.1.1', 'TIBCO Software TIBCO JasperReports Server for ActiveMatrix BPM <=7.1.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-9409"
    }
  },
  "description": "TIBCO Software JasperReports Server\u662f\u7f8e\u56fdTIBCO Software\u516c\u53f8\u7684\u4e00\u6b3e\u53ef\u5d4c\u5165\u7684\u62a5\u544a\u670d\u52a1\u5668\uff0c\u5b83\u63d0\u4f9b\u53ef\u4ee5\u5d4c\u5165\u5230Web\u6216\u79fb\u52a8\u8bbe\u5907\u4e2d\u7684\u62a5\u544a\u548c\u5206\u6790\u529f\u80fd\u3002\n\nTIBCO Software TIBCO JasperReports Server 7.1.1\u53ca\u4e4b\u524d\u7248\u672c\u3001TIBCO JasperReports Server for AWS Marketplace 7.1.1\u53ca\u4e4b\u524d\u7248\u672c\u548cTIBCO JasperReports Server for ActiveMatrix BPM 7.1.1\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684UI\u7ba1\u7406\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6JasperReports Server\u7684\u8d85\u7ea7\u7528\u6237\u6743\u9650\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.tibco.com/support/advisories/2020/05/tibco-security-advisory-may-19-2020-tibco-jasperreports-server",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-34447",
  "openTime": "2020-06-23",
  "patchDescription": "TIBCO Software JasperReports Server\u662f\u7f8e\u56fdTIBCO Software\u516c\u53f8\u7684\u4e00\u6b3e\u53ef\u5d4c\u5165\u7684\u62a5\u544a\u670d\u52a1\u5668\uff0c\u5b83\u63d0\u4f9b\u53ef\u4ee5\u5d4c\u5165\u5230Web\u6216\u79fb\u52a8\u8bbe\u5907\u4e2d\u7684\u62a5\u544a\u548c\u5206\u6790\u529f\u80fd\u3002\r\n\r\nTIBCO Software TIBCO JasperReports Server 7.1.1\u53ca\u4e4b\u524d\u7248\u672c\u3001TIBCO JasperReports Server for AWS Marketplace 7.1.1\u53ca\u4e4b\u524d\u7248\u672c\u548cTIBCO JasperReports Server for ActiveMatrix BPM 7.1.1\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684UI\u7ba1\u7406\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6JasperReports Server\u7684\u8d85\u7ea7\u7528\u6237\u6743\u9650\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "TIBCO Software TIBCO JasperReports Server\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "TIBCO Software TIBCO JasperReports Server \u003c=7.1.1",
      "TIBCO Software TIBCO JasperReports Server for AWS Marketplace \u003c=7.1.1",
      "TIBCO Software TIBCO JasperReports Server for ActiveMatrix BPM \u003c=7.1.1"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-9409",
  "serverity": "\u9ad8",
  "submitTime": "2020-05-21",
  "title": "TIBCO Software TIBCO JasperReports Server\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CVE-2020-9409 (GCVE-0-2020-9409)

Vulnerability from cvelistv5

Published

2020-05-20 12:25

Modified

2024-09-17 01:16

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

The impact of this vulnerability includes the possibility that an unauthenticated user obtains JasperReports Server "superuser" permission, and further might be able to execute arbitrary code with the system account that started the affected component.

Summary

The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated attacker to obtain the permissions of a JasperReports Server "superuser" for the affected systems. The attacker can theoretically exploit the vulnerability consistently, remotely, and without authenticating. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 7.1.1 and below, TIBCO JasperReports Server for AWS Marketplace: versions 7.1.1 and below, and TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.1.1 and below.

References

▼	URL	Tags
	http://www.tibco.com/services/support/advisories	x_refsource_CONFIRM
	https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

TIBCO Software Inc.

TIBCO JasperReports Server

Version: unspecified <

	TIBCO Software Inc.	TIBCO JasperReports Server for AWS Marketplace	Version: unspecified <
	TIBCO Software Inc.	TIBCO JasperReports Server for ActiveMatrix BPM	Version: unspecified <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:26:16.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.tibco.com/services/support/advisories"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "TIBCO JasperReports Server",
          "vendor": "TIBCO Software Inc.",
          "versions": [
            {
              "lessThanOrEqual": "7.1.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "TIBCO JasperReports Server for AWS Marketplace",
          "vendor": "TIBCO Software Inc.",
          "versions": [
            {
              "lessThanOrEqual": "7.1.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "TIBCO JasperReports Server for ActiveMatrix BPM",
          "vendor": "TIBCO Software Inc.",
          "versions": [
            {
              "lessThanOrEqual": "7.1.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-05-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The administrative UI component of TIBCO Software Inc.\u0027s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated attacker to obtain the permissions of a JasperReports Server \"superuser\" for the affected systems. The attacker can theoretically exploit the vulnerability consistently, remotely, and without authenticating. Affected releases are TIBCO Software Inc.\u0027s TIBCO JasperReports Server: versions 7.1.1 and below, TIBCO JasperReports Server for AWS Marketplace: versions 7.1.1 and below, and TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.1.1 and below."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "The impact of this vulnerability includes the possibility that an unauthenticated user obtains JasperReports Server \"superuser\" permission, and further might be able to execute arbitrary code with the system account that started the affected component.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-20T21:15:05",
        "orgId": "4f830c72-39e4-45f6-a99f-78cc01ae04db",
        "shortName": "tibco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.tibco.com/services/support/advisories"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO JasperReports Server versions 7.1.1 and below update to version 7.1.3 or higher\nTIBCO JasperReports Server for AWS Marketplace versions 7.1.1 and below update to version 7.2.0 or higher\nTIBCO JasperReports Server for ActiveMatrix BPM versions 7.1.1 and below update to version 7.1.3 or higher"
        }
      ],
      "source": {
        "discovery": "USER"
      },
      "title": "TIBCO JasperReports Server Fails To Enforce Access Restrictions",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@tibco.com",
          "DATE_PUBLIC": "2020-05-19T17:00:00Z",
          "ID": "CVE-2020-9409",
          "STATE": "PUBLIC",
          "TITLE": "TIBCO JasperReports Server Fails To Enforce Access Restrictions"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "TIBCO JasperReports Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "7.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "TIBCO JasperReports Server for AWS Marketplace",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "7.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "TIBCO JasperReports Server for ActiveMatrix BPM",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "7.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "TIBCO Software Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The administrative UI component of TIBCO Software Inc.\u0027s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated attacker to obtain the permissions of a JasperReports Server \"superuser\" for the affected systems. The attacker can theoretically exploit the vulnerability consistently, remotely, and without authenticating. Affected releases are TIBCO Software Inc.\u0027s TIBCO JasperReports Server: versions 7.1.1 and below, TIBCO JasperReports Server for AWS Marketplace: versions 7.1.1 and below, and TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.1.1 and below."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "The impact of this vulnerability includes the possibility that an unauthenticated user obtains JasperReports Server \"superuser\" permission, and further might be able to execute arbitrary code with the system account that started the affected component."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.tibco.com/services/support/advisories",
              "refsource": "CONFIRM",
              "url": "http://www.tibco.com/services/support/advisories"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO JasperReports Server versions 7.1.1 and below update to version 7.1.3 or higher\nTIBCO JasperReports Server for AWS Marketplace versions 7.1.1 and below update to version 7.2.0 or higher\nTIBCO JasperReports Server for ActiveMatrix BPM versions 7.1.1 and below update to version 7.1.3 or higher"
          }
        ],
        "source": {
          "discovery": "USER"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4f830c72-39e4-45f6-a99f-78cc01ae04db",
    "assignerShortName": "tibco",
    "cveId": "CVE-2020-9409",
    "datePublished": "2020-05-20T12:25:13.045417Z",
    "dateReserved": "2020-02-26T00:00:00",
    "dateUpdated": "2024-09-17T01:16:13.966Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted