Remote Code Execution Vulnerability in TIBCO Spotfire Server and Analytics Platform
CVE-2015-5713

Currently unrated

Key Information:

Vendor: Tibco
Status: Spotfire Server
Vendor: CVE Published:; 28 October 2015

Summary

The TIBCO Spotfire Server and Analytics Platform prior to specified versions are vulnerable to a remote information disclosure flaw. This vulnerability allows attackers to gain access to sensitive log information by simply visiting a specific URL. Proper security measures should be taken to mitigate this risk, including updating to the latest software versions.

References

http://www.securitytracker.com/id/1034011

vdb-entryx_refsource_SECTRACK

http://www.tibco.com/mk/advisory.jsp

x_refsource_CONFIRM

http://www.tibco.com/assets/blt3a3a55ab42f2f5cd/2015-004-...

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 28, 2015
Vulnerability Reserved
Aug 2, 2015