CVE-2014-7195

Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before 6.0.2 and 6.5.x before 6.5.2, Spotfire Deployment Kit 6.0.x before 6.0.2 and 6.5.x before 6.5.2, and Silver Fabric Enabler for Spotfire Web Player before 1.6.1 allows remote authenticated users to obtain sensitive information via unspecified vectors.

Published: Nov 21, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-7195
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
tibco / silver_fabric_enabler	-	1.6.0.x
tibco / spotfire_deployment_kit	6.5.1	6.5.1.x
tibco / spotfire_deployment_kit	6.0.0	6.0.0.x
tibco / spotfire_deployment_kit	6.5.0	6.5.0.x
tibco / spotfire_deployment_kit	6.0.1	6.0.1.x
tibco / spotfire_web_player	6.5.0	6.5.0.x
tibco / spotfire_web_player	6.5.1	6.5.1.x
tibco / spotfire_web_player	6.0.1	6.0.1.x
tibco / spotfire_web_player	6.0.0	6.0.0.x

http://www.tibco.com/assets/blta5b5c969aff51474/2014-009-spotfire-advisory.txt
http://www.tibco.com/mk/advisory.jsp

Vulnerability Database

289,784

CVE-2014-7195