NVD

Vulnerability Change Records for CVE-2018-5431

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:tibco:jasperreports_server::::::::* versions up to (including) 6.2.4 cpe:2.3:a:tibco:jasperreports_server:6.3.0::::::: cpe:2.3:a:tibco:jasperreports_server:6.3.2::::::: cpe:2.3:a:tibco:jasperreports_server:6.3.3::::::: cpe:2.3:a:tibco:jasperreports_server:6.4.0::::::: cpe:2.3:a:tibco:jasperreports_server:6.4.2::::::: cpe:2.3:a:tibco:jasperreports_server::::::activematrix_bpm:: versions up to (including) 6.4.2 cpe:2.3:a:tibco:jasperreports_server:::::community::: versions up to (including) 6.4.2
Added	CPE Configuration		OR cpe:2.3:a:tibco:jaspersoft::::::aws_with_multi-tenancy:: versions up to (including) 6.4.2 cpe:2.3:a:tibco:jaspersoft_reporting_and_analytics::::::aws:: versions up to (including) 6.4.2
Added	CVSS V2		(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism
Added	CVSS V3		AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Added	CWE		CWE-79
Changed	Reference Type	https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5431 No Types Assigned	https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5431 Vendor Advisory