FKIE_CVE-2015-4554
Vulnerability from fkie_nvd - Published: 2015-07-21 19:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57DC39D9-185E-43B3-9531-1C8009E3655A",
"versionEndIncluding": "5.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F84BEBA3-273C-4F88-94DA-8B85175866F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F891B7-FD7E-47A0-8F38-C6BFC89CC72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27FF438B-B7AC-4FBC-A833-8AC044562F01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "775D3D90-924C-41B0-B410-A86B0FD88771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1943C4FB-EA8E-4796-87CF-B5E3B6CE2AF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D5619C4-83F5-4C1F-9668-E556A9F87E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_deployment_kit:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D050885E-62BF-454F-A653-129269829390",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:spotfire_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3123E2BA-9ECD-42E1-907D-8ACD160ED92F",
"versionEndIncluding": "5.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "266F4FB1-93F9-4A3A-98B1-7C1F72FD2422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D806D55-863F-40CF-8025-8CD4319B7CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8E66C534-ADEF-4019-9D8A-DE862E69F4BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09A1FABD-ADA4-4156-A013-86B0A7354D04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F38E62A0-412F-46D7-9A8A-313B22F7B275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6E9CF1-A6A1-441E-9D73-6F5353E6D2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_professional:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D883BEDD-2A54-4D01-8322-E7804D1D057A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:spotfire_web_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2FC5EA-E43E-411F-A43E-A59AB75A9EF0",
"versionEndIncluding": "5.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_web_player:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B99855B-C096-4431-9C48-BF521478839D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_web_player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22E0910B-2683-423A-B221-004CD3233D57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_web_player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7332A6C6-BA11-483D-B122-6A6532676012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_web_player:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A722B273-B87E-4929-A155-57C57B4F2DB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_web_player:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F67094E7-B46D-470D-8652-DFB8E3D8B5F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_web_player:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64B4D286-69ED-4BA2-B507-657E85B3E9AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_web_player:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C96AC0E-4C68-4CDD-A73F-3B19D2EEFE8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:spotfire_desktop:*:*:*:*:*:*:*:*",
"matchCriteriaId": "157572D1-02EF-4175-A047-B9927AC58E00",
"versionEndIncluding": "6.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_desktop:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981372F8-3050-42BA-BF94-16478E4B04A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B0550DF-14AA-4FEB-A23F-F0B4F048845A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:spotfire_automation_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE3F8C-E5BB-4903-BAD7-D30F3B1D10F5",
"versionEndIncluding": "5.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_automation_services:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB47D764-73E8-439F-8926-D33900537C2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_automation_services:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5A4314-73D2-41F5-A0CB-093AD6721D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_automation_services:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9A2072-B7B0-403C-A67A-0D8D9E09E623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_automation_services:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0975D1-E4CC-41B6-AE83-CF8B8868ECA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_automation_services:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "589EED8A-D63B-43C9-A6E5-9268A52AC25A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_automation_services:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "532C8956-2EE3-40A4-9770-D6374FF13307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_automation_services:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0424905D-696E-4D5F-957E-9D360F03E296",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:spotfire_analyst:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69B182CF-358B-4100-A405-AEF1FF367476",
"versionEndIncluding": "5.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_analyst:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF6AB-0C5E-4758-AF64-0E12A55BF111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_analyst:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D812E975-F3D1-4199-ABE9-606E5E0C3303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_analyst:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFF4B74-6985-41D6-A2DA-4BD5E0A0E5EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_analyst:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A31BED19-6530-438A-B4F4-8C085956FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_analyst:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E22C7ECD-0EB6-4F5F-8EAF-F4226C543DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_analyst:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F908F48F-8CB7-4DB0-98ED-90FA5F5E4092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_analyst:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2E0969-1D24-4AEB-918B-163CAFC8134A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:silver_fabric_enabler_for_spotfire_webplayer:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B940A-A7F7-4136-B4BD-A30A6C42272E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5AEE71-18C6-41FC-9875-AD37C7D2749A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D330A100-EABC-40DD-9EA9-251ABDC1B10C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en TIBCO Spotfire Client y Spotfire Web Player Client en Spotfire Analyst en sus versiones anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1; Spotfire Analytics Platform para AWS 6.5 y 7.0.x anteriores a 7.0.1; Spotfire Automation Services anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1; Spotfire Deployment Kit anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1; Spotfire Desktop anteriores a 6.5.2 y 7.0.x anteriores a 7.0.1; Spotfire Desktop Language Packs 7.0.x anteriores a 7.0.1; Spotfire Professional anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1; Spotfire Web Player anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1 y Silver Fabric Enabler para Spotfire Web Player anteriores a 2.1.1 permiten a atacantes remotos obtener informaci\u00f3n sensible o ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-4554",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-21T19:59:03.037",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1033015"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/assets/blt1fd126faba191a9f/2015-001-advisory.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/assets/blt1fd126faba191a9f/2015-001-advisory.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…