{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-09T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-04-09T23:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.tibco.com/mk/advisory.jsp"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2544", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.tibco.com/mk/advisory.jsp", "refsource": "CONFIRM", "url": "http://www.tibco.com/mk/advisory.jsp"}, {"name": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt", "refsource": "CONFIRM", "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2544", "datePublished": "2014-04-09T23:00:00", "dateReserved": "2014-03-18T00:00:00", "dateUpdated": "2014-04-09T23:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:web_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "510CA323-B934-4E21-BBA7-6C8AB743A31B", "versionEndIncluding": "4.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "BD7BD64F-8BDE-4C4C-BC7A-C9B0167FACDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "C2D6FFF8-F98B-407C-A829-0B91FC4D8C44", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A4A57B0A-50AF-43C5-8A7D-F5CDFB5B32B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "949E467E-D9D8-4728-9094-C5088C198FD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D159C492-3864-40D1-85B2-9C189D33329F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:web_player:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "994ECEE1-6CFA-425C-A9F0-BA25841F2156", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:automation_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "77A30F20-45B0-4AC2-A37F-F1F783961975", "versionEndIncluding": "4.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E329512-5F24-4567-9A51-B444562A4EE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FEF8F459-BFC4-4911-BB9E-8096F1C96DC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DD4DF08F-0596-498C-AD91-EB23CF430B8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CE858A6-5F10-4814-8C36-24DD2A2A09DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "445DCDE7-2CF1-45D4-A3E7-42C3F57A38AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:automation_services:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "748A7F6F-10D5-44AD-9132-84FFED4463A6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A9A0E60-1053-4F00-AAB2-324DC692565B", "versionEndIncluding": "3.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "02D29A5D-2A3B-465F-876F-B63C2D5E31C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DDDBB141-ACAB-4DCD-A83C-07A35100E4A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDEF086A-9352-4EA4-9DCF-C669EF6DA1A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "A25EDFEF-5AB5-4416-9DA1-CD5F09E7D2F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A424AA69-6047-4C18-B34A-CF6900E49C9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "136549C9-317D-455D-870B-9DEB8972C837", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_professional:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACC5A4D4-4A6E-42FF-9922-BEED9BCA824B", "versionEndIncluding": "4.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "72554ACD-0BC9-45ED-AC16-94446833CEE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "86927D68-7280-4131-80B0-464C2B167CD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "44983E3B-510A-4D3F-A050-3E29B44B4D6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5E985BE9-C78D-4058-BBEE-C66FBC4F09F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "58F86192-3853-46F4-A78B-73205A3370EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "266F4FB1-93F9-4A3A-98B1-7C1F72FD2422", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:analyst:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDFD91AC-7D22-4792-974C-78E02394091B", "versionEndIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:desktop:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F7A62A5-9F4C-4ABB-92F2-9CC183FF212F", "versionEndIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:deployment_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "708022C8-F5D1-4876-85CF-BD347D812C35", "versionEndIncluding": "4.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8BBD4A55-689B-477D-8C29-A81D32ED5017", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "97349B5C-BF47-480A-9E43-4E23F692D174", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "67F4CCF7-ACD2-445A-9163-E6BAC7F4CBF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF0D6E9-D67F-4672-8207-356590A9AD69", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B9FEB849-971C-4080-87DA-E442E4EBFFAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6A66AB03-7584-4DA9-B4E3-8A93FE1FF981", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Spotfire Web Player Engine, Spotfire Desktop y el m\u00f3dulo de autenticaci\u00f3n de servidor de Spotfire en TIBCO Spotfire Server 3.3.x anterior a 3.3.4, 4.5.x anterior a 4.5.1, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.2; Spotfire Professional 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Web Player 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Automation Services 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Deployment Kit 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Desktop 6.x anterior a 6.0.1 y Spotfire Analyst 6.x anterior a 6.0.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2014-2544", "lastModified": "2014-04-10T15:13:37.177", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-10T00:55:09.937", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/mk/advisory.jsp"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}