TIBCO Silver Mobile vulnerability

2013.06.01

Credit: tibco

Risk: Medium

Local: Yes

Remote: No

CVE: CVE-2013-3315

CWE: CWE-264

Ogólna skala CVSS: 6.5/10

Znaczenie: 6.4/10

Łatwość wykorzystania: 8/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Jednorazowa

Wpływ na poufność: Częściowy

Wpływ na integralność: Częściowy

Wpływ na dostępność: Częściowy

TIBCO Silver Mobile vulnerability
Original release date: May 08, 2013
Last revised: --
Source: TIBCO Software Inc.
Systems Affected
TIBCO Silver Mobile version 1.1.0
The following components are affected:
* TIBCO Silver Mobile Server
Description
The TIBCO Silver Mobile component listed above will fail to properly enforce
administrator privileges in some circumstances. This may allow unprivileged
users to execute arbitrary commands with administrator privileges.
TIBCO has released an update which addresses this issue. TIBCO strongly
recommends sites running the affected components to install the update.
Impact
The impact of this vulnerability may include information disclosure,
modification or deletion.
Solution
Upgrade TIBCO Silver Mobile to version 1.1.1 or above.
References
http://www.tibco.com/mk/advisory.jsp
CVE: CVE-2013-3315

Referencje:

http://www.tibco.com/services/support/advisories/silver-mobile-advisory_20130508.jsp

http://www.tibco.com/multimedia/silver-mobile-advisory-2013-05-08_tcm8-18595.txt

http://www.tibco.com/mk/advisory.jsp

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

TIBCO Silver Mobile vulnerability

Referencje:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.