CVE-2014-2544 - Vulnerability Details

Vendors	Products
Tibco	Analyst Automation Services Deployment Kit Desktop Spotfire Professional Spotfire Server Web Player

Link	Providers
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-09T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-04-09T23:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.tibco.com/mk/advisory.jsp"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2544", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.tibco.com/mk/advisory.jsp", "refsource": "CONFIRM", "url": "http://www.tibco.com/mk/advisory.jsp"}, {"name": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt", "refsource": "CONFIRM", "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:21:35.804Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.tibco.com/mk/advisory.jsp"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2544", "datePublished": "2014-04-09T23:00:00", "dateReserved": "2014-03-18T00:00:00", "dateUpdated": "2024-08-06T10:21:35.804Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2014-04-09T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2014-04-09T23:57:00 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.tibco.com/mk/advisory.jsp (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2014-2544 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://www.tibco.com/mk/advisory.jsp (string)

refsource : CONFIRM (string)

url : http://www.tibco.com/mk/advisory.jsp (string)

}

1 : { »

name : http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt (string)

refsource : CONFIRM (string)

url : http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T10:21:35.804Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.tibco.com/mk/advisory.jsp (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2014-2544 (string)

datePublished : 2014-04-09T23:00:00 (string)

dateReserved : 2014-03-18T00:00:00 (string)

dateUpdated : 2024-08-06T10:21:35.804Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:web_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "510CA323-B934-4E21-BBA7-6C8AB743A31B", "versionEndIncluding": "4.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "BD7BD64F-8BDE-4C4C-BC7A-C9B0167FACDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "C2D6FFF8-F98B-407C-A829-0B91FC4D8C44", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A4A57B0A-50AF-43C5-8A7D-F5CDFB5B32B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "949E467E-D9D8-4728-9094-C5088C198FD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D159C492-3864-40D1-85B2-9C189D33329F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "994ECEE1-6CFA-425C-A9F0-BA25841F2156", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:automation_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "77A30F20-45B0-4AC2-A37F-F1F783961975", "versionEndIncluding": "4.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E329512-5F24-4567-9A51-B444562A4EE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FEF8F459-BFC4-4911-BB9E-8096F1C96DC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DD4DF08F-0596-498C-AD91-EB23CF430B8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CE858A6-5F10-4814-8C36-24DD2A2A09DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "445DCDE7-2CF1-45D4-A3E7-42C3F57A38AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "748A7F6F-10D5-44AD-9132-84FFED4463A6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A9A0E60-1053-4F00-AAB2-324DC692565B", "versionEndIncluding": "3.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "02D29A5D-2A3B-465F-876F-B63C2D5E31C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DDDBB141-ACAB-4DCD-A83C-07A35100E4A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDEF086A-9352-4EA4-9DCF-C669EF6DA1A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "A25EDFEF-5AB5-4416-9DA1-CD5F09E7D2F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A424AA69-6047-4C18-B34A-CF6900E49C9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "136549C9-317D-455D-870B-9DEB8972C837", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_professional:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACC5A4D4-4A6E-42FF-9922-BEED9BCA824B", "versionEndIncluding": "4.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "72554ACD-0BC9-45ED-AC16-94446833CEE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "86927D68-7280-4131-80B0-464C2B167CD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "44983E3B-510A-4D3F-A050-3E29B44B4D6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5E985BE9-C78D-4058-BBEE-C66FBC4F09F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "58F86192-3853-46F4-A78B-73205A3370EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "266F4FB1-93F9-4A3A-98B1-7C1F72FD2422", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:analyst:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDFD91AC-7D22-4792-974C-78E02394091B", "versionEndIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:desktop:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F7A62A5-9F4C-4ABB-92F2-9CC183FF212F", "versionEndIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:deployment_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "708022C8-F5D1-4876-85CF-BD347D812C35", "versionEndIncluding": "4.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8BBD4A55-689B-477D-8C29-A81D32ED5017", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "97349B5C-BF47-480A-9E43-4E23F692D174", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "67F4CCF7-ACD2-445A-9163-E6BAC7F4CBF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF0D6E9-D67F-4672-8207-356590A9AD69", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B9FEB849-971C-4080-87DA-E442E4EBFFAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6A66AB03-7584-4DA9-B4E3-8A93FE1FF981", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Spotfire Web Player Engine, Spotfire Desktop y el m\u00f3dulo de autenticaci\u00f3n de servidor de Spotfire en TIBCO Spotfire Server 3.3.x anterior a 3.3.4, 4.5.x anterior a 4.5.1, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.2; Spotfire Professional 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Web Player 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Automation Services 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Deployment Kit 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Desktop 6.x anterior a 6.0.1 y Spotfire Analyst 6.x anterior a 6.0.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2014-2544", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-10T00:55:09.937", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/mk/advisory.jsp"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/mk/advisory.jsp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:tibco:web_player:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 510CA323-B934-4E21-BBA7-6C8AB743A31B (string)

versionEndIncluding : 4.0.3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:tibco:web_player:4.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : BD7BD64F-8BDE-4C4C-BC7A-C9B0167FACDF (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:tibco:web_player:4.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : C2D6FFF8-F98B-407C-A829-0B91FC4D8C44 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:tibco:web_player:5.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : A4A57B0A-50AF-43C5-8A7D-F5CDFB5B32B7 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:tibco:web_player:5.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 949E467E-D9D8-4728-9094-C5088C198FD8 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:tibco:web_player:5.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : D159C492-3864-40D1-85B2-9C189D33329F (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:tibco:web_player:6.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 994ECEE1-6CFA-425C-A9F0-BA25841F2156 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:tibco:automation_services:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 77A30F20-45B0-4AC2-A37F-F1F783961975 (string)

versionEndIncluding : 4.0.3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:tibco:automation_services:4.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 5E329512-5F24-4567-9A51-B444562A4EE5 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:tibco:automation_services:4.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : FEF8F459-BFC4-4911-BB9E-8096F1C96DC4 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:tibco:automation_services:5.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : DD4DF08F-0596-498C-AD91-EB23CF430B8C (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:tibco:automation_services:5.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3CE858A6-5F10-4814-8C36-24DD2A2A09DE (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:tibco:automation_services:5.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 445DCDE7-2CF1-45D4-A3E7-42C3F57A38AD (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:tibco:automation_services:6.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 748A7F6F-10D5-44AD-9132-84FFED4463A6 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:tibco:spotfire_server:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1A9A0E60-1053-4F00-AAB2-324DC692565B (string)

versionEndIncluding : 3.3.3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:tibco:spotfire_server:4.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 02D29A5D-2A3B-465F-876F-B63C2D5E31C5 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:tibco:spotfire_server:5.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : DDDBB141-ACAB-4DCD-A83C-07A35100E4A0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:tibco:spotfire_server:5.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : BDEF086A-9352-4EA4-9DCF-C669EF6DA1A9 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:tibco:spotfire_server:5.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : A25EDFEF-5AB5-4416-9DA1-CD5F09E7D2F3 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:tibco:spotfire_server:6.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : A424AA69-6047-4C18-B34A-CF6900E49C9E (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:tibco:spotfire_server:6.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 136549C9-317D-455D-870B-9DEB8972C837 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:tibco:spotfire_professional:*:*:*:*:*:*:*:* (string)

matchCriteriaId : ACC5A4D4-4A6E-42FF-9922-BEED9BCA824B (string)

versionEndIncluding : 4.0.3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:tibco:spotfire_professional:4.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 72554ACD-0BC9-45ED-AC16-94446833CEE3 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:tibco:spotfire_professional:4.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 86927D68-7280-4131-80B0-464C2B167CD1 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:tibco:spotfire_professional:5.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 44983E3B-510A-4D3F-A050-3E29B44B4D6A (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:tibco:spotfire_professional:5.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 5E985BE9-C78D-4058-BBEE-C66FBC4F09F2 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:tibco:spotfire_professional:5.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 58F86192-3853-46F4-A78B-73205A3370EC (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:tibco:spotfire_professional:6.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 266F4FB1-93F9-4A3A-98B1-7C1F72FD2422 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:tibco:analyst:*:*:*:*:*:*:*:* (string)

matchCriteriaId : CDFD91AC-7D22-4792-974C-78E02394091B (string)

versionEndIncluding : 6.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:tibco:desktop:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1F7A62A5-9F4C-4ABB-92F2-9CC183FF212F (string)

versionEndIncluding : 6.0.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:tibco:deployment_kit:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 708022C8-F5D1-4876-85CF-BD347D812C35 (string)

versionEndIncluding : 4.0.3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:tibco:deployment_kit:4.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 8BBD4A55-689B-477D-8C29-A81D32ED5017 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:tibco:deployment_kit:4.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 97349B5C-BF47-480A-9E43-4E23F692D174 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:tibco:deployment_kit:5.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 67F4CCF7-ACD2-445A-9163-E6BAC7F4CBF3 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:tibco:deployment_kit:5.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 4EF0D6E9-D67F-4672-8207-356590A9AD69 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:tibco:deployment_kit:5.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : B9FEB849-971C-4080-87DA-E442E4EBFFAA (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:tibco:deployment_kit:6.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 6A66AB03-7584-4DA9-B4E3-8A93FE1FF981 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. (string)

}

1 : { »

lang : es (string)

value : Vulnerabilidad no especificada en Spotfire Web Player Engine, Spotfire Desktop y el módulo de autenticación de servidor de Spotfire en TIBCO Spotfire Server 3.3.x anterior a 3.3.4, 4.5.x anterior a 4.5.1, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.2; Spotfire Professional 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Web Player 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Automation Services 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Deployment Kit 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Desktop 6.x anterior a 6.0.1 y Spotfire Analyst 6.x anterior a 6.0.1 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. (string)

}

]

id : CVE-2014-2544 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 7.5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2014-04-10T00:55:09.937 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.tibco.com/mk/advisory.jsp (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.tibco.com/mk/advisory.jsp (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object