CVE-2010-4498 - Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborativ

CVE-2010-4498

Summary

Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL. Per: http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp 'Customers with current maintenance can obtain product updates through their TIBCO fulfillment channels.'

References

Vulnerable Configurations

cpe:2.3:a:tibco:activecatalog:*:*:*:*:*:*:*:*
cpe:2.3:a:tibco:activecatalog:*:*:*:*:*:*:*:*
cpe:2.3:a:tibco:collaborative_information_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:tibco:collaborative_information_manager:*:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 17-08-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	45691
confirm	http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp
osvdb	70373
sectrack	1024942
secunia	42791
vupen	ADV-2011-0037
xf	tibco-urls-information-disclosure(64522)

Last major update

17-08-2017 - 01:33

Published

07-01-2011 - 19:00

Last modified

17-08-2017 - 01:33