Vulnerability Details : CVE-2018-18809
Potential exploit
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a directory-traversal vulnerability that may theoretically allow web server users to access contents of the host system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Library: versions up to and including 6.3.4; 6.4.1; 6.4.2; 6.4.21; 7.1.0; 7.2.0, TIBCO JasperReports Library Community Edition: versions up to and including 6.7.0, TIBCO JasperReports Library for ActiveMatrix BPM: versions up to and including 6.4.21, TIBCO JasperReports Server: versions up to and including 6.3.4; 6.4.0; 6.4.1; 6.4.2; 6.4.3; 7.1.0, TIBCO JasperReports Server Community Edition: versions up to and including 6.4.3; 7.1.0, TIBCO JasperReports Server for ActiveMatrix BPM: versions up to and including 6.4.3, TIBCO Jaspersoft for AWS with Multi-Tenancy: versions up to and including 7.1.0, TIBCO Jaspersoft Reporting and Analytics for AWS: versions up to and including 7.1.0.
Vulnerability category: Directory traversal
Products affected by CVE-2018-18809
- cpe:2.3:a:tibco:jasperreports_server:*:*:*:*:*:activematrix_bpm:*:*
- cpe:2.3:a:tibco:jasperreports_server:*:*:*:*:community:*:*:*
- cpe:2.3:a:tibco:jasperreports_server:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_server:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_server:6.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_server:6.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_server:6.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_server:7.1.0:*:*:*:community:*:*:*
- cpe:2.3:a:tibco:jasperreports_server:6.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_library:*:*:*:*:community:*:*:*
- cpe:2.3:a:tibco:jasperreports_library:*:*:*:*:activematrix_bpm:*:*:*
- cpe:2.3:a:tibco:jasperreports_library:6.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_library:6.4.21:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_library:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_library:7.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_library:6.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jasperreports_library:6.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:jaspersoft:*:*:*:*:*:aws_with_multi-tenancy:*:*
- cpe:2.3:a:tibco:jaspersoft_reporting_and_analytics:*:*:*:*:*:aws:*:*
CVE-2018-18809 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
TIBCO JasperReports Library Directory Traversal Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.
Notes:
https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809; https://nvd.nist.gov/vuln/detail/CVE-2018-18809
Added on
2022-12-29
Action due date
2023-01-19
Exploit prediction scoring system (EPSS) score for CVE-2018-18809
47.15%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-18809
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
NIST | |
9.9
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
3.1
|
6.0
|
TIBCO Software Inc. | |
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2018-18809
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2018-18809
-
http://packetstormsecurity.com/files/154406/Tibco-JasperSoft-Path-Traversal.html
Tibco JasperSoft Path Traversal ≈ Packet StormThird Party Advisory;VDB Entry
-
http://www.tibco.com/services/support/advisories
Advisory | TIBCO SoftwareVendor Advisory
-
https://security.elarlang.eu/cve-2018-18809-path-traversal-in-tibco-jaspersoft.html
CVE-2018-18809 Path traversal in Tibco JasperSoft - Security | Elar LangExploit;Third Party Advisory
-
https://cybersecurityworks.com/zerodays/cve-2018-18809-tibco.html
CVE-2018-18809 - Directory Traversal Vulnerability in TIBCO JasperReports LibraryExploit;Third Party Advisory
-
http://www.securityfocus.com/bid/107351
TIBCO JasperReports Server CVE-2018-18809 Directory Traversal VulnerabilityBroken Link;Third Party Advisory;VDB Entry
-
http://seclists.org/fulldisclosure/2019/Sep/17
Full Disclosure: CVE-2018-18809 Path traversal in Tibco JasperSoftMailing List;Third Party Advisory
-
https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809
TIBCO Security Advisory: March 6, 2019 - TIBCO JasperReports Library - 2018-18809 | TIBCO SoftwareVendor Advisory
Jump to