Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-4554

Опубликовано: 21 июл. 2015
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:spotfire_deployment_kit:*:*:*:*:*:*:*:*
Версия до 5.5.1 (включая)
cpe:2.3:a:tibco:spotfire_deployment_kit:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_deployment_kit:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_deployment_kit:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_deployment_kit:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_deployment_kit:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_deployment_kit:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_deployment_kit:7.0.0:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:tibco:spotfire_professional:*:*:*:*:*:*:*:*
Версия до 5.5.1 (включая)
cpe:2.3:a:tibco:spotfire_professional:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_professional:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_professional:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_professional:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_professional:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_professional:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_professional:7.0.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:tibco:spotfire_web_player:*:*:*:*:*:*:*:*
Версия до 5.5.1 (включая)
cpe:2.3:a:tibco:spotfire_web_player:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_web_player:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_web_player:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_web_player:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_web_player:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_web_player:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_web_player:7.0.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:tibco:spotfire_desktop:*:*:*:*:*:*:*:*
Версия до 6.5.1 (включая)
cpe:2.3:a:tibco:spotfire_desktop:7.0.0:*:*:*:*:*:*:*
Конфигурация 5
cpe:2.3:a:tibco:spotfire_desktop_language_packs:7.0.0:*:*:*:*:*:*:*
Конфигурация 6

Одно из

cpe:2.3:a:tibco:spotfire_automation_services:*:*:*:*:*:*:*:*
Версия до 5.5.1 (включая)
cpe:2.3:a:tibco:spotfire_automation_services:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_automation_services:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_automation_services:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_automation_services:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_automation_services:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_automation_services:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_automation_services:7.0.0:*:*:*:*:*:*:*
Конфигурация 7

Одно из

cpe:2.3:a:tibco:spotfire_analyst:*:*:*:*:*:*:*:*
Версия до 5.5.1 (включая)
cpe:2.3:a:tibco:spotfire_analyst:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_analyst:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_analyst:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_analyst:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_analyst:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_analyst:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_analyst:7.0.0:*:*:*:*:*:*:*
Конфигурация 8
cpe:2.3:a:tibco:silver_fabric_enabler_for_spotfire_webplayer:2.1.0:*:*:*:*:*:*:*
Конфигурация 9

Одно из

cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws:6.5:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws:7.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 81%
0.01504
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-vmxr-4rf6-8xp4

github
больше 3 лет назад

Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

EPSS

Процентиль: 81%
0.01504
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo