CVE-2014-5285

EUVD-2014-5176
Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote attackers to gain privileges, and obtain sensitive information or modify data, via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
Affected Products (NVD)
VendorProductVersion
tibcospotfire_server
𝑥
≤ 4.5.1
tibcospotfire_server
4.5.0
tibcospotfire_server
5.0.0
tibcospotfire_server
5.0.1
tibcospotfire_server
5.0.2
tibcospotfire_server
5.5.0
tibcospotfire_server
5.5.1
tibcospotfire_server
6.0.0
tibcospotfire_server
6.0.1
tibcospotfire_server
6.0.2
tibcospotfire_server
6.5.0
𝑥
= Vulnerable software versions
References
http://www.tibco.com/assets/bltdb348db4de625c6f/2014-006-Spotfire-advisory-cm-including3.X_v4.txt
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/assets/bltdb348db4de625c6f/2014-006-Spotfire-advisory-cm-including3.X_v4.txt
http://www.tibco.com/mk/advisory.jsp