CVSS: 4.0EPSS: 0%CPEs: 18EXPL: 0CVE-2015-5712
https://notcve.org/view.php?id=CVE-2015-5712
Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform before 7.0.2 for AWS Marketplace allow remote authenticated users to obtain sensitive system information by visiting an unspecified URL. Spotfire Parsing Library y Spotfire Security Filter en TIBCO Spotfire Server 5.5.x en versiones anteriores a 5.5.4, 6.0.x en versiones anteriores a 6.0.5, 6.5.x en versiones anteriores a 6.5.4 y 7.0.x en versiones anteriores a 7.0.1 y Spotfire Analytics Platform en versiones anteriores a 7.0.2 para AWS Marketplace permiten a usuarios remotos autenticados obtener información de sistema sensible visitando una URL no especificada. • http://www.securitytracker.com/id/1034011 http://www.tibco.com/assets/blt3a3a55ab42f2f5cd/2015-004-advisory.txt http://www.tibco.com/mk/advisory.jsp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0CVE-2015-5713
https://notcve.org/view.php?id=CVE-2015-5713
Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform before 7.0.2 for AWS Marketplace allow remote attackers to obtain sensitive log information by visiting an unspecified URL. Spotfire Parsing Library y Spotfire Security Filter en TIBCO Spotfire Server 5.5.x en versiones anteriores a 5.5.4, 6.0.x en versiones anteriores a 6.0.5, 6.5.x en versiones anteriores a 6.5.4 y 7.0.x en versiones anteriores a 7.0.1 y Spotfire Analytics Platform en versiones anteriores a 7.0.2 para AWS Marketplace permiten a atacantes remotos obtener información de log sensible visitando una URL no especificada. • http://www.securitytracker.com/id/1034011 http://www.tibco.com/assets/blt3a3a55ab42f2f5cd/2015-004-advisory.txt http://www.tibco.com/mk/advisory.jsp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2014-5285
https://notcve.org/view.php?id=CVE-2014-5285
Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote attackers to gain privileges, and obtain sensitive information or modify data, via unknown vectors. Vulnerabilidad no especificada en el módulo de la autenticación en TIBCO Spotfire Server anterior a 4.5.2, 5.0.x anterior a 5.0.3, 5.5.x anterior a 5.5.2, 6.0.x anterior a 6.0.3, y 6.5.x anterior a 6.5.1 permite a atacantes remotos ganar privilegios, y obtener información sensible o modificar datos, a través de vectores desconocidos. • http://www.tibco.com/assets/bltdb348db4de625c6f/2014-006-Spotfire-advisory-cm-including3.X_v4.txt http://www.tibco.com/mk/advisory.jsp •
CVSS: 7.5EPSS: 1%CPEs: 37EXPL: 0CVE-2014-2544
https://notcve.org/view.php?id=CVE-2014-2544
Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en Spotfire Web Player Engine, Spotfire Desktop y el módulo de autenticación de servidor de Spotfire en TIBCO Spotfire Server 3.3.x anterior a 3.3.4, 4.5.x anterior a 4.5.1, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.2; Spotfire Professional 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Web Player 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Automation Services 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Deployment Kit 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Desktop 6.x anterior a 6.0.1 y Spotfire Analyst 6.x anterior a 6.0.1 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • http://www.tibco.com/mk/advisory.jsp http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt •
CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0690
https://notcve.org/view.php?id=CVE-2012-0690
TIBCO Spotfire Web Application, Web Player Application, Automation Services Application, and Analytics Client Application in Spotfire Analytics Server before 10.1.2; Server before 3.3.3; and Web Player, Automation Services, and Professional before 4.0.2 allow remote attackers to obtain sensitive information via a crafted URL. TIBCO Spotfire Web Application, Web Player Application, Automation Services Application, y Analytics Client Application de Spotfire Analytics Server anteriores a 10.1.2; Server anteriores a 3.3.3; y Web Player, Automation Services, y Professional anteriores a 4.0.2 permiten a atacantes remotos obtener información confidencial a través de una URL modificada. • http://www.tibco.com/multimedia/spotfire_advisory_20120308_tcm8-15731.txt http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_20120308.jsp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •