Lucene search

MitreCVE-2015-5712

HistoryOct 28, 2015 - 10:59 a.m.

CVE-2015-5712

2015-10-2810:59:08

CWE-200

mitre

web.nvd.nist.gov

tibco

spotfire

server

analytics platform

rce

cve-2015-5712

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

48.3%

JSON

Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform before 7.0.2 for AWS Marketplace allow remote authenticated users to obtain sensitive system information by visiting an unspecified URL.

Affected configurations

Nvd

Node

tibcospotfire_analytics_platform_for_awsRange≤7.0.1

Node

tibcospotfire_serverMatch5.0.0

tibcospotfire_serverMatch5.0.1

tibcospotfire_serverMatch5.0.2

tibcospotfire_serverMatch5.5.0

tibcospotfire_serverMatch5.5.1

tibcospotfire_serverMatch5.5.2

tibcospotfire_serverMatch5.5.3

tibcospotfire_serverMatch6.0.0

tibcospotfire_serverMatch6.0.1

tibcospotfire_serverMatch6.0.2

tibcospotfire_serverMatch6.0.3

tibcospotfire_serverMatch6.0.4

tibcospotfire_serverMatch6.5.0

tibcospotfire_serverMatch6.5.1

tibcospotfire_serverMatch6.5.2

tibcospotfire_serverMatch6.5.3

tibcospotfire_serverMatch7.0.0

VendorProductVersionCPE
tibcospotfire_analytics_platform_for_aws*cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws:*:*:*:*:*:*:*:*
tibcospotfire_server5.0.0cpe:2.3:a:tibco:spotfire_server:5.0.0:*:*:*:*:*:*:*
tibcospotfire_server5.0.1cpe:2.3:a:tibco:spotfire_server:5.0.1:*:*:*:*:*:*:*
tibcospotfire_server5.0.2cpe:2.3:a:tibco:spotfire_server:5.0.2:*:*:*:*:*:*:*
tibcospotfire_server5.5.0cpe:2.3:a:tibco:spotfire_server:5.5.0:*:*:*:*:*:*:*
tibcospotfire_server5.5.1cpe:2.3:a:tibco:spotfire_server:5.5.1:*:*:*:*:*:*:*
tibcospotfire_server5.5.2cpe:2.3:a:tibco:spotfire_server:5.5.2:*:*:*:*:*:*:*
tibcospotfire_server5.5.3cpe:2.3:a:tibco:spotfire_server:5.5.3:*:*:*:*:*:*:*
tibcospotfire_server6.0.0cpe:2.3:a:tibco:spotfire_server:6.0.0:*:*:*:*:*:*:*
tibcospotfire_server6.0.1cpe:2.3:a:tibco:spotfire_server:6.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tibco	spotfire_analytics_platform_for_aws	*	cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws::::::::
tibco	spotfire_server	5.0.0	cpe:2.3:a:tibco:spotfire_server:5.0.0:::::::*
tibco	spotfire_server	5.0.1	cpe:2.3:a:tibco:spotfire_server:5.0.1:::::::*
tibco	spotfire_server	5.0.2	cpe:2.3:a:tibco:spotfire_server:5.0.2:::::::*
tibco	spotfire_server	5.5.0	cpe:2.3:a:tibco:spotfire_server:5.5.0:::::::*
tibco	spotfire_server	5.5.1	cpe:2.3:a:tibco:spotfire_server:5.5.1:::::::*
tibco	spotfire_server	5.5.2	cpe:2.3:a:tibco:spotfire_server:5.5.2:::::::*
tibco	spotfire_server	5.5.3	cpe:2.3:a:tibco:spotfire_server:5.5.3:::::::*
tibco	spotfire_server	6.0.0	cpe:2.3:a:tibco:spotfire_server:6.0.0:::::::*
tibco	spotfire_server	6.0.1	cpe:2.3:a:tibco:spotfire_server:6.0.1:::::::*

Rows per page:

1-10 of 181

References

www.securitytracker.com/id/1034011

www.tibco.com/assets/blt3a3a55ab42f2f5cd/2015-004-advisory.txt

www.tibco.com/mk/advisory.jsp

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

48.3%

JSON

Related for CVE-2015-5712