CVE-2014-5286

Опубликовано: 19 фев. 2015

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1 for WCF, and ActiveMatrix Management Agent 1.x before 1.2.1 for WebSphere allows remote attackers to gain privileges and obtain sensitive information via unspecified vectors.

Ссылки

http://www.tibco.com/assets/blt1b18947cad32d1c4/2014-007-advisory.txt
Vendor Advisory
http://www.tibco.com/mk/advisory.jsp
Vendor Advisory
http://www.tibco.com/services/support/advisories/activematrix-advisory_20150218
http://www.tibco.com/assets/blt1b18947cad32d1c4/2014-007-advisory.txt
Vendor Advisory
http://www.tibco.com/mk/advisory.jsp
Vendor Advisory
http://www.tibco.com/services/support/advisories/activematrix-advisory_20150218

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:activematrix_management_agent:1.0.0:*:*:*:*:websphere:*:*

cpe:2.3:a:tibco:activematrix_management_agent:1.0.0:*:*:*:*:windows_communication_foundation:*:*

cpe:2.3:a:tibco:activematrix_management_agent:1.1.0:*:*:*:*:websphere:*:*

cpe:2.3:a:tibco:activematrix_management_agent:1.1.0:*:*:*:*:windows_communication_foundation:*:*

cpe:2.3:a:tibco:activematrix_management_agent:1.2.0:*:*:*:*:websphere:*:*

cpe:2.3:a:tibco:activematrix_management_agent:1.2.0:*:*:*:*:windows_communication_foundation:*:*

cpe:2.3:a:tibco:activematrix_policy_agent:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:tibco:activematrix_policy_agent:3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:tibco:activematrix_policy_agent:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:tibco:activematrix_policy_manager:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:tibco:activematrix_policy_manager:3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:tibco:activematrix_policy_manager:3.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.0026

Низкий

6.4 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-4fmg-h3g8-q9j8

github

больше 3 лет назад