TIBCO Silver Mobile vulnerability

2013.06.01
Credit: tibco
Risk: Medium
Local: Yes
Remote: No
CWE: CWE-264


CVSS Base Score: 6.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8/10
Exploit range: Remote
Attack complexity: Low
Authentication: Single time
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

TIBCO Silver Mobile vulnerability Original release date: May 08, 2013 Last revised: -- Source: TIBCO Software Inc. Systems Affected TIBCO Silver Mobile version 1.1.0 The following components are affected: * TIBCO Silver Mobile Server Description The TIBCO Silver Mobile component listed above will fail to properly enforce administrator privileges in some circumstances. This may allow unprivileged users to execute arbitrary commands with administrator privileges. TIBCO has released an update which addresses this issue. TIBCO strongly recommends sites running the affected components to install the update. Impact The impact of this vulnerability may include information disclosure, modification or deletion. Solution Upgrade TIBCO Silver Mobile to version 1.1.1 or above. References http://www.tibco.com/mk/advisory.jsp CVE: CVE-2013-3315

References:

http://www.tibco.com/services/support/advisories/silver-mobile-advisory_20130508.jsp
http://www.tibco.com/multimedia/silver-mobile-advisory-2013-05-08_tcm8-18595.txt
http://www.tibco.com/mk/advisory.jsp


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top