medium
6.5
CWE
200
Advisory Published
Updated

CVE-2017-5529: TIBCO JasperReports Library Information Disclosure

First published: Thu Jun 29 2017(Updated: )

JasperReports library components contain an information disclosure vulnerability. This vulnerability includes the theoretical disclosure of any accessible information from the host file system. Affects TIBCO JasperReports Library Community Edition (versions 6.4.0 and below), TIBCO JasperReports Library for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO JasperReports Professional (versions 6.2.1 and below, and 6.3.0), TIBCO JasperReports Server (versions 6.1.1 and below, 6.2.0, 6.2.1, 6.3.0), TIBCO JasperReports Server Community Edition (versions 6.3.0 and below), TIBCO JasperReports Server for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO Jaspersoft for AWS with Multi-Tenancy (versions 6.3.0 and below), TIBCO Jaspersoft Reporting and Analytics for AWS (versions 6.3.0 and below), and TIBCO Jaspersoft Studio for ActiveMatrix BPM (versions 6.2.0 and below).

Credit: security@tibco.com

Affected SoftwareAffected VersionHow to fix
TIBCO JasperReports Library Community Edition<=6.4.0
TIBCO JasperReports Library ActiveMatrix BPM<=6.2.0
TIBCO JasperReports<=6.2.1
TIBCO JasperReports=6.3.0
TIBCO JasperReports Server<=6.1.1
TIBCO JasperReports Server=6.2.0
TIBCO JasperReports Server=6.2.1
TIBCO JasperReports Server=6.3.0
TIBCO JasperReports Server<=6.3.0
TIBCO JasperReports Server<=6.2.0
TIBCO Jaspersoft AWS with Multi-Tenancy<=6.3.0
TIBCO Jaspersoft Reporting and Analytics AWS<=6.3.0
TIBCO Jaspersoft Studio ActiveMatrix BPM<=6.2.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2017-5529?

    The severity of CVE-2017-5529 is classified as medium due to its potential for information disclosure.

  • How do I fix CVE-2017-5529?

    To fix CVE-2017-5529, it is recommended to upgrade to a version of TIBCO JasperReports Library that is above 6.4.0.

  • What software is affected by CVE-2017-5529?

    CVE-2017-5529 affects TIBCO JasperReports Library Community Edition versions 6.4.0 and below, along with several other related TIBCO products.

  • What type of vulnerability is CVE-2017-5529?

    CVE-2017-5529 is an information disclosure vulnerability that can allow unauthorized access to file system data.

  • Is there a workaround for CVE-2017-5529?

    There are no known effective workarounds for CVE-2017-5529 aside from applying the recommended updates.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203