CVE-2014-5285

Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote attackers to gain privileges, and obtain sensitive information or modify data, via unknown vectors.

Published: Sep 4, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-5285
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
tibco / spotfire_server	5.5.1	5.5.1.x
tibco / spotfire_server	5.0.2	5.0.2.x
tibco / spotfire_server	-	4.5.1.x
tibco / spotfire_server	6.5.0	6.5.0.x
tibco / spotfire_server	6.0.0	6.0.0.x
tibco / spotfire_server	4.5.0	4.5.0.x
tibco / spotfire_server	6.0.2	6.0.2.x
tibco / spotfire_server	6.0.1	6.0.1.x
tibco / spotfire_server	5.5.0	5.5.0.x
tibco / spotfire_server	5.0.0	5.0.0.x
tibco / spotfire_server	5.0.1	5.0.1.x

http://www.tibco.com/assets/bltdb348db4de625c6f/2014-006-Spotfire-advisory-cm-including3.X_v4.txt
http://www.tibco.com/mk/advisory.jsp

Vulnerability Database

289,784

CVE-2014-5285