CVE-2014-2544

{"id": "CVE-2014-2544", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-04-10T00:55:09.937", "references": [{"url": "http://www.tibco.com/mk/advisory.jsp", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Spotfire Web Player Engine, Spotfire Desktop y el m\u00f3dulo de autenticaci\u00f3n de servidor de Spotfire en TIBCO Spotfire Server 3.3.x anterior a 3.3.4, 4.5.x anterior a 4.5.1, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.2; Spotfire Professional 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Web Player 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Automation Services 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Deployment Kit 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Desktop 6.x anterior a 6.0.1 y Spotfire Analyst 6.x anterior a 6.0.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."}], "lastModified": "2014-04-10T15:13:37.177", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:web_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "510CA323-B934-4E21-BBA7-6C8AB743A31B", "versionEndIncluding": "4.0.3"}, {"criteria": "cpe:2.3:a:tibco:web_player:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD7BD64F-8BDE-4C4C-BC7A-C9B0167FACDF"}, {"criteria": "cpe:2.3:a:tibco:web_player:4.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2D6FFF8-F98B-407C-A829-0B91FC4D8C44"}, {"criteria": "cpe:2.3:a:tibco:web_player:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4A57B0A-50AF-43C5-8A7D-F5CDFB5B32B7"}, {"criteria": "cpe:2.3:a:tibco:web_player:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "949E467E-D9D8-4728-9094-C5088C198FD8"}, {"criteria": "cpe:2.3:a:tibco:web_player:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D159C492-3864-40D1-85B2-9C189D33329F"}, {"criteria": "cpe:2.3:a:tibco:web_player:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "994ECEE1-6CFA-425C-A9F0-BA25841F2156"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:automation_services:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77A30F20-45B0-4AC2-A37F-F1F783961975", "versionEndIncluding": "4.0.3"}, {"criteria": "cpe:2.3:a:tibco:automation_services:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E329512-5F24-4567-9A51-B444562A4EE5"}, {"criteria": "cpe:2.3:a:tibco:automation_services:4.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEF8F459-BFC4-4911-BB9E-8096F1C96DC4"}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD4DF08F-0596-498C-AD91-EB23CF430B8C"}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CE858A6-5F10-4814-8C36-24DD2A2A09DE"}, {"criteria": "cpe:2.3:a:tibco:automation_services:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "445DCDE7-2CF1-45D4-A3E7-42C3F57A38AD"}, {"criteria": "cpe:2.3:a:tibco:automation_services:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "748A7F6F-10D5-44AD-9132-84FFED4463A6"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A9A0E60-1053-4F00-AAB2-324DC692565B", "versionEndIncluding": "3.3.3"}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02D29A5D-2A3B-465F-876F-B63C2D5E31C5"}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDDBB141-ACAB-4DCD-A83C-07A35100E4A0"}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDEF086A-9352-4EA4-9DCF-C669EF6DA1A9"}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A25EDFEF-5AB5-4416-9DA1-CD5F09E7D2F3"}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A424AA69-6047-4C18-B34A-CF6900E49C9E"}, {"criteria": "cpe:2.3:a:tibco:spotfire_server:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "136549C9-317D-455D-870B-9DEB8972C837"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:spotfire_professional:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACC5A4D4-4A6E-42FF-9922-BEED9BCA824B", "versionEndIncluding": "4.0.3"}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72554ACD-0BC9-45ED-AC16-94446833CEE3"}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:4.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86927D68-7280-4131-80B0-464C2B167CD1"}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44983E3B-510A-4D3F-A050-3E29B44B4D6A"}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E985BE9-C78D-4058-BBEE-C66FBC4F09F2"}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58F86192-3853-46F4-A78B-73205A3370EC"}, {"criteria": "cpe:2.3:a:tibco:spotfire_professional:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "266F4FB1-93F9-4A3A-98B1-7C1F72FD2422"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:analyst:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDFD91AC-7D22-4792-974C-78E02394091B", "versionEndIncluding": "6.0.0"}, {"criteria": "cpe:2.3:a:tibco:desktop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F7A62A5-9F4C-4ABB-92F2-9CC183FF212F", "versionEndIncluding": "6.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:deployment_kit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "708022C8-F5D1-4876-85CF-BD347D812C35", "versionEndIncluding": "4.0.3"}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BBD4A55-689B-477D-8C29-A81D32ED5017"}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:4.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97349B5C-BF47-480A-9E43-4E23F692D174"}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67F4CCF7-ACD2-445A-9163-E6BAC7F4CBF3"}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EF0D6E9-D67F-4672-8207-356590A9AD69"}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9FEB849-971C-4080-87DA-E442E4EBFFAA"}, {"criteria": "cpe:2.3:a:tibco:deployment_kit:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A66AB03-7584-4DA9-B4E3-8A93FE1FF981"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}