Get help with JNDI vulnerability CVE-2021-42392! Get CSW's Detection Script
Back to all zero days

CVE-2018-18809 - Directory Traversal Vulnerability in TIBCO JasperReports Library

Affected Vendor

TIBCO JasperReports Library

Status

Fixed

Date

Oct 15, 2018

Medium Severity

Description

The directory traversal vulnerability may theoretically allow web server users to access the contents of the host system.

Proof of concept: (POC)

This vulnerability was tested in TIBCO Jaspersoft.

Figure 01: Actual Request.

Figure02: Variable Injected with payload 01.

  

Figure 03: Variable Injected with payload 02.

Figure 04: Seps to reproduce.

Impact

The impact of this vulnerability includes the theoretical possibility that a web server using the provided DefaultWebResourceHandler could expose details of the host system. The disclosed data could include credentials to access other systems.

Remediations

Download and apply the following patch advised as per TIBCO for the affected system, update to the corresponding software versions:

  • TIBCO JasperReports Library versions 6.3.4 and below update to version 6.3.5 or higher

  • TIBCO JasperReports Library versions 6.4.1, 6.4.2, and 6.4.21 update to version 6.4.22 or higher

  • TIBCO JasperReports Library version 7.1.0 update to version 7.1.1 or higher

  • TIBCO JasperReports Library version 7.2.0 update to version 7.2.1 or higher

  • TIBCO JasperReports Library Community Edition versions 6.7.0 and below update to version 6.7.1 or higher

  • TIBCO JasperReports Library for ActiveMatrix BPM versions 6.4.21 and below update to version 6.4.22 or higher

  • TIBCO JasperReports Server versions 6.3.4 and below update to version 6.3.5 or higher

  • TIBCO JasperReports Server versions 6.4.0, 6.4.1, 6.4.2, and 6.4.3 update to version 6.4.4 or higher

  • TIBCO JasperReports Server version 7.1.0 update to version 7.1.1 or higher

  • TIBCO JasperReports Server Community Edition versions 7.1.0 and below update to version 7.1.1 or higher

  • TIBCO JasperReports Server for ActiveMatrix BPM versions 6.4.3 and below update to version 6.4.4 or higher

  • TIBCO Jaspersoft for AWS with Multi-Tenancy versions 7.1.0 and below update to version 7.1.1 or higher

  • TIBCO Jaspersoft Reporting and Analytics for AWS versions 7.1.0 and below update to version 7.1.1 or higher

Timeline

Oct 15, 2018: Discovered in Tibco.

Jan 11, 2019: The issue was under investigation.

Mar 06, 2019: TIBCO Security Advisory Published.

Apr 26, 2019: Demo site fixed and updated.

Discovered by

Cyber Security Works Pvt. Ltd. 


  • Affected VendorTIBCO JasperReports Library
  • Bug NameDirectory Traversal Vulnerability
  • CVE NumberCVE-2018-18809
  • CWE IDCWE - 22
  • CSW ID2018-CSW-02-1018
  • CVSSv3 Score6.5
  • Affected Version
  • SeverityMedium
  • Affected ProductTIBCO JasperReports Library versions 6.3.4 and below, TIBCO JasperReports Library versions 6.4.1, 6.4.2, and 6.4.21, TIBCO JasperReports Library version 7.1.0, TIBCO JasperReports Library version 7.2.0, TIBCO JasperReports Library Community Edition versions 6.7.0 and below,TIBCO JasperReports Library for ActiveMatrix BPM versions 6.4.21 and below, TIBCO JasperReports Server versions 6.3.4 and below TIBCO JasperReports Server versions 6.4.0, 6.4.1, 6.4.2, and 6.4.3, TIBCO JasperReports Server version 7.1.0, TIBCO JasperReports Server Community Edition versions 6.4.3 and below, TIBCO JasperReports Server Community Edition version 7.1.0, TIBCO JasperReports Server for ActiveMatrix BPM versions 6.4.3 and below, TIBCO Jaspersoft for AWS with Multi-Tenancy versions 7.1.0 and below ,TIBCO Jaspersoft Reporting and Analytics for AWS versions 7.1.0 and below
fb icon twitter icon insta icon

Talk to CSW's team of experts to secure your landscape.