← Back

CVE-2014-2545

nvd nist
Published: Apr 30, 2014Modified: May 6, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request.

Affected (17)

Tibco
4 products
Slingshot
Vault
Managed File Transfer Command Center
Managed File Transfer Internet Server
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Tibco
Slingshot
Up to 1.9.0
Slingshot
Version 1.7.0
Slingshot
Version 1.8.0
Slingshot
Version 1.8.1
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Vault
Up to 1.0.0
Configuration C
6 vulnerable
Vulnerable SoftwareAffected Versions
Tibco
Managed File Transfer Command Center
Up to 7.2.1
Managed File Transfer Command Center
Version 6.7
Managed File Transfer Command Center
Version 7.0.1
Managed File Transfer Command Center
Version 7.0
Managed File Transfer Command Center
Version 7.1.0
Managed File Transfer Command Center
Version 7.2.0
Configuration D
6 vulnerable
Vulnerable SoftwareAffected Versions
Tibco
Managed File Transfer Internet Server
Up to 7.2.1
Managed File Transfer Internet Server
Version 6.7
Managed File Transfer Internet Server
Version 7.0.1
Managed File Transfer Internet Server
Version 7.0
Managed File Transfer Internet Server
Version 7.1.0
Managed File Transfer Internet Server
Version 7.2.0

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.