CVE-2014-2075

critical

Published 2014-02-27 · Modified 2026-04-29

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.tibco.com/multimedia/enterprise_administator_advisory_20140226_tcm8-20533.txt

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.tibco.com/mk/advisory.jsp

Application impact

Vendor	Product	Versions	Fixed
tibco	enterprise_administrator	`1.0.0`
tibco	enterprise_administrator_sdk	`1.0.0`

References

http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/multimedia/enterprise_administator_advisory_20140226_tcm8-20533.txt
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/multimedia/enterprise_administator_advisory_20140226_tcm8-20533.txt

CWEs

CWE-287

Verify integrity in audit chain (admin only). AS-IS.