Lucene search

[email protected]NVD:CVE-2010-0184

HistoryJan 14, 2010 - 7:30 p.m.

CVE-2010-0184

2010-01-1419:30:00

CWE-264

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.

Affected configurations

NVD

Node

tibcoruntime_agentRange≤5.6.1

tibcoruntime_agentMatch5.4.0

tibcoruntime_agentMatch5.5.3

tibcoruntime_agentMatch5.5.4

tibcoruntime_agentMatch5.6

References

secunia.com/advisories/38191

www.securityfocus.com/bid/37805

www.tibco.com/mk/advisory.jsp

www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt

www.vupen.com/english/advisories/2010/0128

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2010-0184

prion1 cvelist1 cve1