CVE-2010-4495 - OpenCVE

Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; ActiveMatrix Service Bus 3.0.0 and 3.0.1; ActiveMatrix BusinessWorks Service Engine 5.9.0; ActiveMatrix BPM 1.0.1 and 1.0.2; Silver BPM Service 1.0.1; and Silver CAP Service 1.0.0 allows remote authenticated users to execute arbitrary code via vectors related to JMX connections.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Tibco	Silver Bpm Service Activematrix Service Grid Activematrix Service Bus Silver Cap Service Activematrix Businessworks Service Engine Activematrix Bpm

Configuration 1 [-]

OR	cpe:2.3:a:tibco:activematrix_bpm:1.0.1:::::::*
	cpe:2.3:a:tibco:activematrix_bpm:1.0.2:::::::*
	cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.9.0:::::::*
	cpe:2.3:a:tibco:activematrix_service_bus:3.0.0:::::::*
	cpe:2.3:a:tibco:activematrix_service_bus:3.0.1:::::::*
	cpe:2.3:a:tibco:activematrix_service_grid:3.0.0:::::::*
	cpe:2.3:a:tibco:activematrix_service_grid:3.0.1:::::::*
	cpe:2.3:a:tibco:activematrix_service_grid:3.1.0:::::::*
	cpe:2.3:a:tibco:silver_bpm_service:1.0.1:::::::*
	cpe:2.3:a:tibco:silver_cap_service:1.0.0:::::::*

References

Link	Resource
http://secunia.com/advisories/42640	Vendor Advisory
http://www.securityfocus.com/bid/45400
http://www.securitytracker.com/id?1024894
http://www.tibco.com/multimedia/activematrix_advisory_20101214_tcm8-12728.txt	Vendor Advisory
http://www.vupen.com/english/advisories/2010/3241	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:21:06

Updated: 2022-10-03T16:21:06

Reserved: 2022-10-03T00:00:00

Link: CVE-2010-4495

JSON object: View

NVD Information

Status : Analyzed

Published: 2010-12-17T19:00:23.933

Modified: 2010-12-20T05:00:00.000

Link: CVE-2010-4495

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; ActiveMatrix Service Bus 3.0.0 and 3.0.1; ActiveMatrix BusinessWorks Service Engine 5.9.0; ActiveMatrix BPM 1.0.1 and 1.0.2; Silver BPM Service 1.0.1; and Silver CAP Service 1.0.0 allows remote authenticated users to execute arbitrary code via vectors related to JMX connections."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:21:06", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "42640", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42640"}, {"name": "ADV-2010-3241", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3241"}, {"name": "45400", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45400"}, {"name": "1024894", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024894"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.tibco.com/multimedia/activematrix_advisory_20101214_tcm8-12728.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-4495", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; ActiveMatrix Service Bus 3.0.0 and 3.0.1; ActiveMatrix BusinessWorks Service Engine 5.9.0; ActiveMatrix BPM 1.0.1 and 1.0.2; Silver BPM Service 1.0.1; and Silver CAP Service 1.0.0 allows remote authenticated users to execute arbitrary code via vectors related to JMX connections."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "42640", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42640"}, {"name": "ADV-2010-3241", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3241"}, {"name": "45400", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45400"}, {"name": "1024894", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024894"}, {"name": "http://www.tibco.com/multimedia/activematrix_advisory_20101214_tcm8-12728.txt", "refsource": "CONFIRM", "url": "http://www.tibco.com/multimedia/activematrix_advisory_20101214_tcm8-12728.txt"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-4495", "datePublished": "2022-10-03T16:21:06", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:21:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:activematrix_bpm:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "47C5D35B-3DA4-4829-9115-9061F725392B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:activematrix_bpm:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C5F8D9F-C1E1-4F39-BF08-D08FC07523C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5A147E2-A869-4306-94C7-D5B32333EE1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A2BB758D-5C74-493C-ABE7-6DA289253636", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F3A5CE12-C8A8-4E48-BF6C-914C284D391C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "68B99531-DFDA-4625-B0E7-4CDF20A73DF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F28DAF05-7BB6-404E-8710-A61866338605", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F633E9D8-BCB2-4748-A91C-1A3D5CD1C953", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:silver_bpm_service:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CF339B05-7165-4D1B-BB4B-DB72E7D1A0F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tibco:silver_cap_service:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E886566-E2FF-4453-8400-DEE39E3852DC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; ActiveMatrix Service Bus 3.0.0 and 3.0.1; ActiveMatrix BusinessWorks Service Engine 5.9.0; ActiveMatrix BPM 1.0.1 and 1.0.2; Silver BPM Service 1.0.1; and Silver CAP Service 1.0.0 allows remote authenticated users to execute arbitrary code via vectors related to JMX connections."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Runtime ActiveMatrix de TIBCO ActiveMatrix Service Grid v3.0.0, v3.0.1 y v3.1.0; ActiveMatrix Service Bus v3.0.0 y v3.0.1; ActiveMatrix BusinessWorks Service Engine v5.9.0, v1.0.1 y ActiveMatrix BPM v1.0.2, Silver BPM Service v1.0.1, y de Silver CAP Service v1.0.0 permite a usuarios remotos autenticados para ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con las conexiones JMX."}], "id": "CVE-2010-4495", "lastModified": "2010-12-20T05:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-12-17T19:00:23.933", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42640"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/45400"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1024894"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.tibco.com/multimedia/activematrix_advisory_20101214_tcm8-12728.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3241"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}