CVE-2015-4554

Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
tibcospotfire_deployment_kit
𝑥
≤ 5.5.1
tibcospotfire_deployment_kit
6.0.0
tibcospotfire_deployment_kit
6.0.1
tibcospotfire_deployment_kit
6.0.2
tibcospotfire_deployment_kit
6.5.0
tibcospotfire_deployment_kit
6.5.1
tibcospotfire_deployment_kit
6.5.2
tibcospotfire_deployment_kit
7.0.0
tibcospotfire_professional
𝑥
≤ 5.5.1
tibcospotfire_professional
6.0.0
tibcospotfire_professional
6.0.1
tibcospotfire_professional
6.0.2
tibcospotfire_professional
6.5.0
tibcospotfire_professional
6.5.1
tibcospotfire_professional
6.5.2
tibcospotfire_professional
7.0.0
tibcospotfire_web_player
𝑥
≤ 5.5.1
tibcospotfire_web_player
6.0.0
tibcospotfire_web_player
6.0.1
tibcospotfire_web_player
6.0.2
tibcospotfire_web_player
6.5.0
tibcospotfire_web_player
6.5.1
tibcospotfire_web_player
6.5.2
tibcospotfire_web_player
7.0.0
tibcospotfire_desktop
𝑥
≤ 6.5.1
tibcospotfire_desktop
7.0.0
tibcospotfire_desktop_language_packs
7.0.0
tibcospotfire_automation_services
𝑥
≤ 5.5.1
tibcospotfire_automation_services
6.0.0
tibcospotfire_automation_services
6.0.1
tibcospotfire_automation_services
6.0.2
tibcospotfire_automation_services
6.5.0
tibcospotfire_automation_services
6.5.1
tibcospotfire_automation_services
6.5.2
tibcospotfire_automation_services
7.0.0
tibcospotfire_analyst
𝑥
≤ 5.5.1
tibcospotfire_analyst
6.0.0
tibcospotfire_analyst
6.0.1
tibcospotfire_analyst
6.0.2
tibcospotfire_analyst
6.5.0
tibcospotfire_analyst
6.5.1
tibcospotfire_analyst
6.5.2
tibcospotfire_analyst
7.0.0
tibcosilver_fabric_enabler_for_spotfire_webplayer
2.1.0
tibcospotfire_analytics_platform_for_aws
6.5
tibcospotfire_analytics_platform_for_aws
7.0.0
𝑥
= Vulnerable software versions
References
http://www.securitytracker.com/id/1033015
http://www.tibco.com/assets/blt1fd126faba191a9f/2015-001-advisory.txt
http://www.tibco.com/mk/advisory.jsp
http://www.securitytracker.com/id/1033015
http://www.tibco.com/assets/blt1fd126faba191a9f/2015-001-advisory.txt
http://www.tibco.com/mk/advisory.jsp