Vulnerability CVE-2014-5286


Published: 2015-02-18   Modified: 2015-02-19

Description:
The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1 for WCF, and ActiveMatrix Management Agent 1.x before 1.2.1 for WebSphere allows remote attackers to gain privileges and obtain sensitive information via unspecified vectors.

See advisories in our WLB2 database:
Topic
Author
Date
Low
TIBCO ActiveMatrix Policy Manager/Agent vulnerabilities
tibco
22.02.2015

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None
Affected software
Tibco -> Activematrix management agent 
Tibco -> Activematrix policy agent 
Tibco -> Activematrix policy manager 

 References:
http://www.tibco.com/services/support/advisories/activematrix-advisory_20150218
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/assets/blt1b18947cad32d1c4/2014-007-advisory.txt

Copyright 2020, cxsecurity.com

 

Back to Top