CVE-2010-0184

Опубликовано: 14 янв. 2010

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.

Ссылки

http://secunia.com/advisories/38191
Vendor Advisory
http://www.securityfocus.com/bid/37805
http://www.tibco.com/mk/advisory.jsp
Vendor Advisory
http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt
http://www.vupen.com/english/advisories/2010/0128
Vendor Advisory
http://secunia.com/advisories/38191
Vendor Advisory
http://www.securityfocus.com/bid/37805
http://www.tibco.com/mk/advisory.jsp
Vendor Advisory
http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt
http://www.vupen.com/english/advisories/2010/0128
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:runtime_agent:*:*:*:*:*:*:*:*

Версия до 5.6.1 (включая)

cpe:2.3:a:tibco:runtime_agent:5.4.0:*:*:*:*:*:*:*

cpe:2.3:a:tibco:runtime_agent:5.5.3:*:*:*:*:*:*:*

cpe:2.3:a:tibco:runtime_agent:5.5.4:*:*:*:*:*:*:*

cpe:2.3:a:tibco:runtime_agent:5.6:*:*:*:*:*:*:*

EPSS

Процентиль: 10%

0.00034

Низкий

7.2 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-f23h-24h4-f4x9

github

почти 4 года назад