Vulnerability CVE-2014-7195


Published: 2014-11-20   Modified: 2014-11-21

Description:
Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before 6.0.2 and 6.5.x before 6.5.2, Spotfire Deployment Kit 6.0.x before 6.0.2 and 6.5.x before 6.5.2, and Silver Fabric Enabler for Spotfire Web Player before 1.6.1 allows remote authenticated users to obtain sensitive information via unspecified vectors.

See advisories in our WLB2 database:
Topic
Author
Date
Low
TIBCO Spotfire Web Player vulnerabilities
TIBCO
22.11.2014

Type:

CWE-200

(Information Exposure)

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Tibco -> Silver fabric enabler 
Tibco -> Spotfire deployment kit 
Tibco -> Spotfire web player 

 References:
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/assets/blta5b5c969aff51474/2014-009-spotfire-advisory.txt

Copyright 2024, cxsecurity.com

 

Back to Top