Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jan 19, 2023

CVE-2018-18809

High
EPSS 93.9%CISA KEV
TIBCO/JasperReports

Description

TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.

EPSS — Exploit Probability

93.9%

Higher than 99.9% of all CVEs

Required Action

https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809; https://nvd.nist.gov/vuln/detail/CVE-2018-18809

Risk Assessment

HIGH
In CISA KEV
High EPSS

Details

Severity
High
EPSS
93.9%
CISA KEV
Yes
Ransomware
Unknown
Articles
0

Timeline

Published

Dec 29, 2022

Added to KEV

Dec 29, 2022

Remediation Due

Jan 19, 2023

Affected Product

TIBCO

JasperReports

View all TIBCO CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE