CVE-2014-7195 — Sensitive Information Exposure in Silver Fabric Enabler

CWE-200 — Sensitive Information Exposure4 documents4 sources

Severity

4.0MEDIUMNVD

EPSS

0.1%

top 65.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tibco Silver Fabric Enabler Tibco Spotfire Deployment KIT Tibco Spotfire WEB Player

Timeline

PublishedNov 21

Latest updateMay 17

Description

Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before 6.0.2 and 6.5.x before 6.5.2, Spotfire Deployment Kit 6.0.x before 6.0.2 and 6.5.x before 6.5.2, and Silver Fabric Enabler for Spotfire Web Player before 1.6.1 allows remote authenticated users to obtain sensitive information via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages3 packages

▶NVDtibco/spotfire_web_player4 versions+3

▶NVDtibco/spotfire_deployment_kit4 versions+3

▶NVDtibco/silver_fabric_enabler1.6.0

🔴Vulnerability Details

GHSA

GHSA-9323-82qh-98r9: Spotfire Web Player Engine in TIBCO Spotfire Web Player 6↗2022-05-17

▶

CVEList

CVE-2014-7195: Spotfire Web Player Engine in TIBCO Spotfire Web Player 6↗2014-11-21

▶

💬Community

Bugzilla

CVE-2014-4338 cups-filters: unsupported BrowseAllow value lets cups-browsed accept from all hosts↗2014-04-25

▶