CVE-2010-0683 - Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS

CVE-2010-0683

Summary

Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials.

References

Vulnerable Configurations

cpe:2.3:a:tibco:administrator:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:administrator:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:administrator:5.6.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:administrator:5.6.0:*:*:*:*:*:*:*

CVSS

Base:	6.0 (as of 26-02-2010 - 05:00)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:S/C:P/I:P/A:P

refmap via4

bid	38396
confirm	http://www.tibco.com/multimedia/security_advisory_administrator_tcm8-10685.txt http://www.tibco.com/services/support/advisories/adminstrator-advisory_20100223.jsp
secunia	38732
vupen	ADV-2010-0463

Last major update

26-02-2010 - 05:00

Published

25-02-2010 - 19:30

Last modified

26-02-2010 - 05:00