VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Apr 10, 2014· Updated May 6, 2026

CVE-2014-2544

CVE-2014-2544

Description

Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors.

Affected products

37
  • TIBCO Software/Spotfire Server7 versions
    cpe:2.3:a:tibco:spotfire_server:5.5.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:tibco:spotfire_server:5.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_server:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_server:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_server:*:*:*:*:*:*:*:*range: <=3.3.3
    • cpe:2.3:a:tibco:spotfire_server:4.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_server:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_server:5.0.1:*:*:*:*:*:*:*
  • TIBCO Software/Spotfire Professional7 versions
    cpe:2.3:a:tibco:spotfire_professional:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:tibco:spotfire_professional:*:*:*:*:*:*:*:*range: <=4.0.3
    • cpe:2.3:a:tibco:spotfire_professional:4.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_professional:4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_professional:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_professional:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_professional:5.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:spotfire_professional:6.0.0:*:*:*:*:*:*:*
  • TIBCO Software/Analyst
    cpe:2.3:a:tibco:analyst:*:*:*:*:*:*:*:*
    Range: <=6.0.0
  • TIBCO Software/Desktop
    cpe:2.3:a:tibco:desktop:*:*:*:*:*:*:*:*
    Range: <=6.0.0
  • TIBCO Software/Deployment Kit7 versions
    cpe:2.3:a:tibco:deployment_kit:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:tibco:deployment_kit:*:*:*:*:*:*:*:*range: <=4.0.3
    • cpe:2.3:a:tibco:deployment_kit:4.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:deployment_kit:4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:deployment_kit:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:deployment_kit:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:deployment_kit:5.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:deployment_kit:6.0.0:*:*:*:*:*:*:*
  • TIBCO Software/Web Player7 versions
    cpe:2.3:a:tibco:web_player:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:tibco:web_player:*:*:*:*:*:*:*:*range: <=4.0.3
    • cpe:2.3:a:tibco:web_player:4.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:web_player:4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:web_player:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:web_player:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:web_player:5.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:web_player:6.0.0:*:*:*:*:*:*:*
  • TIBCO Software/Automation Services7 versions
    cpe:2.3:a:tibco:automation_services:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:tibco:automation_services:*:*:*:*:*:*:*:*range: <=4.0.3
    • cpe:2.3:a:tibco:automation_services:4.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:automation_services:4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:automation_services:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:automation_services:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:automation_services:5.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tibco:automation_services:6.0.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.