TIBCO Spotfire Statistics Services remote execution vulnerabilities – Oct 2018

Theoretically, big data analytics is the often complex process of examining large and varied data sets to uncover information including hidden patterns and unknown correlation. Basically it can help organizations make informed business decisions. Since you can use the URL API to send administration, expression, or function requests to the TIBCO web server. Use the URL API for testing the health of the server, rather than for creating web-based applications.

As a result, without needing to authenticate, an attacker may be able to remotely execute code with the permissions of the system account used to run the web server component. Meanwhile the web server component ( Spotfire Statistics Services) hits multiple vulnerabilities that may allow the remote execution of code. In order to maintain your operation without any interruption. It is suggest to follow the vendor advisory to do the remediation. Below URL for your reference.