CVE-2018-18809

unknown KEV

Published 2022-12-29 · Modified 2022-12-29

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.

CISA KEV

Vendor: TIBCO
Product: JasperReports
Due date: 2023-01-19

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809; https://nvd.nist.gov/vuln/detail/CVE-2018-18809

Exploits

References

https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809; https://nvd.nist.gov/vuln/detail/CVE-2018-18809

Verify integrity in audit chain (admin only). AS-IS.