Vulnerability CVE-2010-0683
Published: 2010-02-25   Modified: 2012-02-13

Description:
Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:M/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6/10
6.4/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Tibco -> Administrator 

 References:
http://www.tibco.com/services/support/advisories/adminstrator-advisory_20100223.jsp
http://www.tibco.com/multimedia/security_advisory_administrator_tcm8-10685.txt
http://www.vupen.com/english/advisories/2010/0463
http://www.securityfocus.com/bid/38396
http://secunia.com/advisories/38732
Copyright 2024, cxsecurity.com

 

Back to Top