CVE-2015-4554
Summary
| CVE | CVE-2015-4554 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-07-21 19:59:03 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors. |
Risk And Classification
Primary CVSS: v2.0 7.5 from [email protected]
AV:N/AC:L/Au:N/C:P/I:P/A:P
Problem Types: NVD-CWE-noinfo | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Tibco | Silver Fabric Enabler For Spotfire Webplayer | 2.1.0 | All | All | All |
| Application | Tibco | Spotfire Analyst | 6.0.0 | All | All | All |
| Application | Tibco | Spotfire Analyst | 6.0.1 | All | All | All |
| Application | Tibco | Spotfire Analyst | 6.0.2 | All | All | All |
| Application | Tibco | Spotfire Analyst | 6.5.0 | All | All | All |
| Application | Tibco | Spotfire Analyst | 6.5.1 | All | All | All |
| Application | Tibco | Spotfire Analyst | 6.5.2 | All | All | All |
| Application | Tibco | Spotfire Analyst | 7.0.0 | All | All | All |
| Application | Tibco | Spotfire Analyst | All | All | All | All |
| Application | Tibco | Spotfire Analytics Platform For Aws | 6.5 | All | All | All |
| Application | Tibco | Spotfire Analytics Platform For Aws | 7.0.0 | All | All | All |
| Application | Tibco | Spotfire Automation Services | 6.0.0 | All | All | All |
| Application | Tibco | Spotfire Automation Services | 6.0.1 | All | All | All |
| Application | Tibco | Spotfire Automation Services | 6.0.2 | All | All | All |
| Application | Tibco | Spotfire Automation Services | 6.5.0 | All | All | All |
| Application | Tibco | Spotfire Automation Services | 6.5.1 | All | All | All |
| Application | Tibco | Spotfire Automation Services | 6.5.2 | All | All | All |
| Application | Tibco | Spotfire Automation Services | 7.0.0 | All | All | All |
| Application | Tibco | Spotfire Automation Services | All | All | All | All |
| Application | Tibco | Spotfire Deployment Kit | 6.0.0 | All | All | All |
| Application | Tibco | Spotfire Deployment Kit | 6.0.1 | All | All | All |
| Application | Tibco | Spotfire Deployment Kit | 6.0.2 | All | All | All |
| Application | Tibco | Spotfire Deployment Kit | 6.5.0 | All | All | All |
| Application | Tibco | Spotfire Deployment Kit | 6.5.1 | All | All | All |
| Application | Tibco | Spotfire Deployment Kit | 6.5.2 | All | All | All |
| Application | Tibco | Spotfire Deployment Kit | 7.0.0 | All | All | All |
| Application | Tibco | Spotfire Deployment Kit | All | All | All | All |
| Application | Tibco | Spotfire Desktop | 7.0.0 | All | All | All |
| Application | Tibco | Spotfire Desktop | All | All | All | All |
| Application | Tibco | Spotfire Desktop Language Packs | 7.0.0 | All | All | All |
| Application | Tibco | Spotfire Professional | 6.0.0 | All | All | All |
| Application | Tibco | Spotfire Professional | 6.0.1 | All | All | All |
| Application | Tibco | Spotfire Professional | 6.0.2 | All | All | All |
| Application | Tibco | Spotfire Professional | 6.5.0 | All | All | All |
| Application | Tibco | Spotfire Professional | 6.5.1 | All | All | All |
| Application | Tibco | Spotfire Professional | 6.5.2 | All | All | All |
| Application | Tibco | Spotfire Professional | 7.0.0 | All | All | All |
| Application | Tibco | Spotfire Professional | All | All | All | All |
| Application | Tibco | Spotfire Web Player | 6.0.0 | All | All | All |
| Application | Tibco | Spotfire Web Player | 6.0.1 | All | All | All |
| Application | Tibco | Spotfire Web Player | 6.0.2 | All | All | All |
| Application | Tibco | Spotfire Web Player | 6.5.0 | All | All | All |
| Application | Tibco | Spotfire Web Player | 6.5.1 | All | All | All |
| Application | Tibco | Spotfire Web Player | 6.5.2 | All | All | All |
| Application | Tibco | Spotfire Web Player | 7.0.0 | All | All | All |
| Application | Tibco | Spotfire Web Player | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Advisory | TIBCO Software | af854a3a-2127-422b-91ae-364da2661108 | www.tibco.com | Vendor Advisory |
| www.tibco.com/assets/blt1fd126faba191a9f/2015-001-advisory.txt | af854a3a-2127-422b-91ae-364da2661108 | www.tibco.com | Vendor Advisory |
| TIBCO Spotfire Unspecified Flaw Lets Remote Users Obtain Sensitive Information and Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.