Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform before 7.0.2 for AWS Marketplace allow remote authenticated users to obtain sensitive system information by visiting an unspecified URL.
2015-10-28T10:59:08.573
2025-04-12T10:46:40.837
Deferred
CVSSv2: 4.0 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | tibco | spotfire_analytics_platform_for_aws | ≤ 7.0.1 | Yes |
| Application | tibco | spotfire_server | 5.0.0 | Yes |
| Application | tibco | spotfire_server | 5.0.1 | Yes |
| Application | tibco | spotfire_server | 5.0.2 | Yes |
| Application | tibco | spotfire_server | 5.5.0 | Yes |
| Application | tibco | spotfire_server | 5.5.1 | Yes |
| Application | tibco | spotfire_server | 5.5.2 | Yes |
| Application | tibco | spotfire_server | 5.5.3 | Yes |
| Application | tibco | spotfire_server | 6.0.0 | Yes |
| Application | tibco | spotfire_server | 6.0.1 | Yes |
| Application | tibco | spotfire_server | 6.0.2 | Yes |
| Application | tibco | spotfire_server | 6.0.3 | Yes |
| Application | tibco | spotfire_server | 6.0.4 | Yes |
| Application | tibco | spotfire_server | 6.5.0 | Yes |
| Application | tibco | spotfire_server | 6.5.1 | Yes |
| Application | tibco | spotfire_server | 6.5.2 | Yes |
| Application | tibco | spotfire_server | 6.5.3 | Yes |
| Application | tibco | spotfire_server | 7.0.0 | Yes |