CVE-2010-4496

Опубликовано: 07 янв. 2011

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Ссылки

http://osvdb.org/70371
http://secunia.com/advisories/42791
Vendor Advisory
http://www.securityfocus.com/bid/45691
http://www.securitytracker.com/id?1024942
http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt
Vendor Advisory
http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0037
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/64520
http://osvdb.org/70371
http://secunia.com/advisories/42791
Vendor Advisory
http://www.securityfocus.com/bid/45691
http://www.securitytracker.com/id?1024942
http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt
Vendor Advisory
http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0037
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/64520

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:activecatalog:*:*:*:*:*:*:*:*

Версия до 1.0 (включая)

cpe:2.3:a:tibco:collaborative_information_manager:*:*:*:*:*:*:*:*

Версия до 8.0 (включая)

EPSS

Процентиль: 74%

0.00836

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-wj7f-q5c3-fxrc

github

больше 3 лет назад