CVE-2015-4554

Published: Jul 21, 2015Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

Affected (46)

Products: Tibco: Spotfire Deployment Kit, Spotfire Professional, Spotfire Web Player, Spotfire Desktop, Spotfire Desktop Language Packs, Spotfire Automation Services, Spotfire Analyst, Silver Fabric Enabler For Spotfire Webplayer, Spotfire Analytics Platform For Aws

Tibco

9 products

Spotfire Deployment Kit

Spotfire Professional

Spotfire Web Player

Spotfire Desktop

Spotfire Desktop Language Packs

Spotfire Automation Services

Spotfire Analyst

Silver Fabric Enabler For Spotfire Webplayer

Spotfire Analytics Platform For Aws

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Deployment Kit	Up to 5.5.1
Tibco Spotfire Deployment Kit	Version 6.0.0
Tibco Spotfire Deployment Kit	Version 6.0.1
Tibco Spotfire Deployment Kit	Version 6.0.2
Tibco Spotfire Deployment Kit	Version 6.5.0
Tibco Spotfire Deployment Kit	Version 6.5.1
Tibco Spotfire Deployment Kit	Version 6.5.2
Tibco Spotfire Deployment Kit	Version 7.0.0

Configuration B

8 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Professional	Up to 5.5.1
Tibco Spotfire Professional	Version 6.0.0
Tibco Spotfire Professional	Version 6.0.1
Tibco Spotfire Professional	Version 6.0.2
Tibco Spotfire Professional	Version 6.5.0
Tibco Spotfire Professional	Version 6.5.1
Tibco Spotfire Professional	Version 6.5.2
Tibco Spotfire Professional	Version 7.0.0

Configuration C

8 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Web Player	Up to 5.5.1
Tibco Spotfire Web Player	Version 6.0.0
Tibco Spotfire Web Player	Version 6.0.1
Tibco Spotfire Web Player	Version 6.0.2
Tibco Spotfire Web Player	Version 6.5.0
Tibco Spotfire Web Player	Version 6.5.1
Tibco Spotfire Web Player	Version 6.5.2
Tibco Spotfire Web Player	Version 7.0.0

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Desktop	Up to 6.5.1
Tibco Spotfire Desktop	Version 7.0.0

Configuration E

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Desktop Language Packs	Version 7.0.0

Configuration F

8 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Automation Services	Up to 5.5.1
Tibco Spotfire Automation Services	Version 6.0.0
Tibco Spotfire Automation Services	Version 6.0.1
Tibco Spotfire Automation Services	Version 6.0.2
Tibco Spotfire Automation Services	Version 6.5.0
Tibco Spotfire Automation Services	Version 6.5.1
Tibco Spotfire Automation Services	Version 6.5.2
Tibco Spotfire Automation Services	Version 7.0.0

Configuration G

8 vulnerable

Vulnerable Software	Affected Versions
Tibco Spotfire Analyst	Up to 5.5.1
Tibco Spotfire Analyst	Version 6.0.0
Tibco Spotfire Analyst	Version 6.0.1
Tibco Spotfire Analyst	Version 6.0.2
Tibco Spotfire Analyst	Version 6.5.0
Tibco Spotfire Analyst	Version 6.5.1
Tibco Spotfire Analyst	Version 6.5.2
Tibco Spotfire Analyst	Version 7.0.0