TIBCO Spotfire Server CVE-2014-5285 Multiple Remote Privilege Escalation Vulnerabilities

Bugtraq ID:	69582
Class:	Unknown
CVE:	CVE-2014-5285
Remote:	Yes
Local:	No
Published:	Sep 03 2014 12:00AM
Updated:	Sep 03 2014 12:00AM
Credit:	The vendor reported these issues.
Vulnerable:	TIBCO Spotfire Server 6.0.2 TIBCO Spotfire Server 6.0.1 TIBCO Spotfire Server 6.0 TIBCO Spotfire Server 5.5.1 TIBCO Spotfire Server 5.5 TIBCO Spotfire Server 5.0.2 TIBCO Spotfire Server 5.0.1 TIBCO Spotfire Server 5.0 TIBCO Spotfire Server 4.5.1 TIBCO Spotfire Server 4.5 TIBCO Spotfire Server 3.2.2 TIBCO Spotfire Server 3.1.3 TIBCO Spotfire Server 3.3.0 TIBCO Spotfire Server 3.2.0 TIBCO Spotfire Server 3.1.1 TIBCO Spotfire Server 3.1.0 TIBCO Spotfire Server 3.0.1 TIBCO Spotfire Server 3.0.0
Not Vulnerable:	TIBCO Spotfire Server 6.5.1 TIBCO Spotfire Server 6.0.3 TIBCO Spotfire Server 5.5.2 TIBCO Spotfire Server 5.0.3 TIBCO Spotfire Server 4.5.2

TIBCO Spotfire Server CVE-2014-5285 Multiple Remote Privilege Escalation Vulnerabilities

TIBCO Spotfire Server is prone to multiple remote privilege-escalation vulnerabilities.

Attackers can exploit these issues to gain elevated privileges in the context of the affected application. Successful exploits may aid in further attacks.

TIBCO Spotfire Server CVE-2014-5285 Multiple Remote Privilege Escalation Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

TIBCO Spotfire Server CVE-2014-5285 Multiple Remote Privilege Escalation Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.

TIBCO Spotfire Server CVE-2014-5285 Multiple Remote Privilege Escalation Vulnerabilities

References:

• TIBCO Homepage (TIBCO)
  
• TIBCO Spotfire Server vulnerabilities (TIBCO)
  
• Security Advisories for TIBCO Products (TIBCO)