CVE-2014-2545

Published Apr 30, 2014

Last updated 3 months ago

CVSS info 5.0

Overview

Description: TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:tibco:slingshot:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DC90EE6-CDAB-451C-8E50-AB3FFACC5EF1",
            "versionEndIncluding": "1.9.0"
          },
          {
            "criteria": "cpe:2.3:a:tibco:slingshot:1.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25383BC4-F4C4-4795-A193-19465173E819"
          },
          {
            "criteria": "cpe:2.3:a:tibco:slingshot:1.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D1B4214-62FA-4E5A-BF94-059D9388E395"
          },
          {
            "criteria": "cpe:2.3:a:tibco:slingshot:1.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1545E386-1237-4730-AC65-C56CF081F061"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:tibco:vault:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05772242-6D18-40B7-8D51-E9441DB7F225",
            "versionEndIncluding": "1.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_command_center:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D72C5F9-5611-4CF0-8ECA-DC5709A7CF39",
            "versionEndIncluding": "7.2.1"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_command_center:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38ED1A3D-E9D9-4303-B415-B59E001AF66C"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_command_center:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B915038A-19CD-46FA-AD4D-363FC1318BC6"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_command_center:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17F7866F-CA3B-473B-B97C-708094FA1FE0"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_command_center:7.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4BF9007-7E8F-493F-A6DA-B0E779E0D846"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_command_center:7.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A5F03F0-D855-41A7-9A10-506DB2C74F26"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_internet_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "260DA92B-9C95-485F-A9D5-673174EA64E4",
            "versionEndIncluding": "7.2.1"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_internet_server:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEF0D77C-384A-4637-A536-FFFEB98FA5AC"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF267842-78F2-4116-B9C2-AFC253FFC6D4"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E9A0D38-D999-43F7-87D2-A94B1783BA03"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "849C38B6-682F-4B6F-A9BB-F8418240FFEF"
          },
          {
            "criteria": "cpe:2.3:a:tibco:managed_file_transfer_internet_server:7.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFC8D85E-6EA0-4FDD-9D3A-329A7FE278AE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References