CVE-2015-5711

{"id": "CVE-2015-5711", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-09-29T18:59:04.630", "references": [{"url": "http://www.securitytracker.com/id/1033678", "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/assets/blt423f06fbac6ee0c6/2015-003-advisory.txt", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/mk/advisory.jsp", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1033678", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.tibco.com/assets/blt423f06fbac6ee0c6/2015-003-advisory.txt", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.tibco.com/mk/advisory.jsp", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center before 7.2.5, Slingshot before 1.9.4, and Vault before 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request."}, {"lang": "es", "value": "Vulnerabilidad en TIBCO Managed File Transfer Internet Server en versiones anteriores a 7.2.5, Managed File Transfer Command Center en versiones anteriores a 7.2.5, Slingshot en versiones anteriores a 1.9.4 y Vault en versiones anteriores a 2.0.1, permite a usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de una petici\u00f3n HTTP manipulada."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:managed_file_transfer_internet_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40ABCAA0-E373-47BE-BEA9-3FB4F023B335", "versionEndIncluding": "7.2.4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:vault:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82671377-DB4C-41F2-945C-FECEC1B4E2ED", "versionEndIncluding": "2.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:managed_file_transfer_command_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0245F45-3F50-4477-851E-32B72775F0A1", "versionEndIncluding": "7.2.4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:slingshot:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA1A0E79-F30D-4EAD-A963-D24B31F32359", "versionEndIncluding": "1.9.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}