CVE-2017-5528, CVE-2017-5529 and CVE-2017-5532 JasperReports Server Vulnerability Issues
Document ID :
Last Modified Date :
Show Technical Document Details
I am aware about the following TIBCO Security Advisory.
1. CVE-2017-5528: TIBCO JasperReports Server cross-site vulnerabilities
2. CVE-2017-5529: TIBCO JasperReports Library Information Disclosure
3. CVE-2017-5532: TIBCO JasperReports persistent cross site scripting
I have installed CA Business Intelligence (CABI) JasperReports Server for Spectrum reporting. Is my CABI JasperReports Server affected?
Spectrum 10.2 onward with CABI JasperReports Server
These security vulnerability issues are addressed from CABI JasperReports Server 6.4.2 onward. If you are installing older version of CABI JasperReports Server then you should upgrade to 6.4.2 to address these issues.
CABI JasperReports Server 6.4.2 is supported to integrate with Spectrum from version 10.2.3 onward. However, for Spectrum 10.2.3 you need to apply PTF 10.02.03.PTF_10.2.316. Please refer to
Please refer to below documentation about how to upgrade
Please contact CA Support to obtain patch PTF 10.02.03.PTF_10.2.316.
Was this information helpful?