Unrated severityNVD Advisory· Published Mar 15, 2013· Updated Apr 29, 2026

CVE-2013-2373

Description

The Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.

Affected products

TIBCO Software/Spotfire Web Player7 versions
cpe:2.3:a:tibco:spotfire_web_player:3.3:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:tibco:spotfire_web_player:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:spotfire_web_player:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:spotfire_web_player:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:spotfire_web_player:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:spotfire_web_player:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:spotfire_web_player:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:tibco:spotfire_web_player:5.0.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tibco.com/mk/advisory.jspnvdVendor Advisory
www.tibco.com/multimedia/spotfire-web-player-advisory-2013-03-12_tcm8-18480.txtnvdVendor Advisory
www.tibco.com/services/support/advisories/spotfire-advisory_20130313.jspnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000