Lucene search

MitreCVE-2010-4496

HistoryJan 07, 2011 - 7:00 p.m.

CVE-2010-4496

2011-01-0719:00:18

CWE-89

mitre

web.nvd.nist.gov

cve

sql injection

tibco

collaborative information manager

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.004

Percentile

75.2%

JSON

Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

Nvd

Node

tibcoactivecatalogRange≤1.0

tibcocollaborative_information_managerRange≤8.0

VendorProductVersionCPE
tibcoactivecatalog*cpe:2.3:a:tibco:activecatalog:*:*:*:*:*:*:*:*
tibcocollaborative_information_manager*cpe:2.3:a:tibco:collaborative_information_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tibco	activecatalog	*	cpe:2.3:a:tibco:activecatalog::::::::
tibco	collaborative_information_manager	*	cpe:2.3:a:tibco:collaborative_information_manager::::::::

References

osvdb.org/70371

secunia.com/advisories/42791

www.securityfocus.com/bid/45691

www.securitytracker.com/id?1024942

www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt

www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp

www.vupen.com/english/advisories/2011/0037

exchange.xforce.ibmcloud.com/vulnerabilities/64520

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.004

Percentile

75.2%

JSON

Related for CVE-2010-4496