CVE-2026-8590
HIGH
8.7
CVSS 4.0
Description
Vulnerability in Spotfire Spotfire Enterprise (Spotfire Server modules), Spotfire Spotfire Enterprise with External Consumers (Spotfire Server modules), Spotfire Spotfire on Kubernetes (Spotfire Server modules).
This issue affects Spotfire Enterprise: through 14.0.12, through 14.4.2, through 14.5.0, through 14.6.1, through 14.6.2, through 14.7.0, through 14.8.0; Spotfire Enterprise with External Consumers: through 14.0.12, through 14.5.0, through 14.6.0, through 14.6.1, through 14.6.2, through 14.7.0, through 14.8.0; Spotfire on Kubernetes: through 4.2.0, 5.0.X, 6.0.X.
Metadata
Severity & Metrics
8.7
HIGH CVSS 4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
SSVC — CISA Coordinator
Affected products (3)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Spotfire | Spotfire Enterprise | — | 0 ≤ 14.0.12, 0 ≤ 14.4.2, 0 ≤ 14.5.0, 0 ≤ 14.6.1 … |
| Spotfire | Spotfire Enterprise with External Consumers | — | 0 ≤ 14.0.12, 0 ≤ 14.5.0, 0 ≤ 14.6.0, 0 ≤ 14.6.1 … |
| Spotfire | Spotfire on Kubernetes | — | 0 ≤ 4.2.0, 5.0.x, 6.0.x |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| — | adp | CWE-noinfo Not enough information |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 8.7 | HIGH | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N |
References (1)