CVE-2010-4499

Опубликовано: 07 янв. 2011

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors.

Ссылки

http://osvdb.org/70374
http://secunia.com/advisories/42791
Vendor Advisory
http://www.securityfocus.com/bid/45691
http://www.securitytracker.com/id?1024942
http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt
Vendor Advisory
http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0037
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/64523
http://osvdb.org/70374
http://secunia.com/advisories/42791
Vendor Advisory
http://www.securityfocus.com/bid/45691
http://www.securitytracker.com/id?1024942
http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt
Vendor Advisory
http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0037
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/64523

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:activecatalog:*:*:*:*:*:*:*:*

Версия до 1.0 (включая)

cpe:2.3:a:tibco:collaborative_information_manager:*:*:*:*:*:*:*:*

Версия до 8.0 (включая)

EPSS

Процентиль: 67%

0.00545

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-h3v9-chrp-f4j9

github

больше 3 лет назад