CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2012-0689
https://notcve.org/view.php?id=CVE-2012-0689
The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to discover credentials via unspecified vectors. El servidor de TIBCO ActiveMatrix Platform de TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid y Service Bus 3.x anteriores a 3.1.5, BusinessWorks Service Engine 5.9.x anteriores a 5.9.3, y BPM anteriores a 1.3.0 permite a atacantes remotos obtener credenciales a través de vectores sin especificar. • http://www.tibco.com/multimedia/activematrix3_advisory_20120308_tcm8-15728.txt http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_20120308.jsp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 0CVE-2010-4495
https://notcve.org/view.php?id=CVE-2010-4495
Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; ActiveMatrix Service Bus 3.0.0 and 3.0.1; ActiveMatrix BusinessWorks Service Engine 5.9.0; ActiveMatrix BPM 1.0.1 and 1.0.2; Silver BPM Service 1.0.1; and Silver CAP Service 1.0.0 allows remote authenticated users to execute arbitrary code via vectors related to JMX connections. Vulnerabilidad no especificada en el componente Runtime ActiveMatrix de TIBCO ActiveMatrix Service Grid v3.0.0, v3.0.1 y v3.1.0; ActiveMatrix Service Bus v3.0.0 y v3.0.1; ActiveMatrix BusinessWorks Service Engine v5.9.0, v1.0.1 y ActiveMatrix BPM v1.0.2, Silver BPM Service v1.0.1, y de Silver CAP Service v1.0.0 permite a usuarios remotos autenticados para ejecutar código arbitrario a través de vectores relacionados con las conexiones JMX. • http://secunia.com/advisories/42640 http://www.securityfocus.com/bid/45400 http://www.securitytracker.com/id?1024894 http://www.tibco.com/multimedia/activematrix_advisory_20101214_tcm8-12728.txt http://www.vupen.com/english/advisories/2010/3241 •
CVSS: 10.0EPSS: 9%CPEs: 4EXPL: 0CVE-2010-3491
https://notcve.org/view.php?id=CVE-2010-3491
The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service Engine before 5.8.1, and ActiveMatrix Service Performance Manager before 1.3.2 do not properly handle JMX connections, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service via unspecified vectors. Los componentes (1) ActiveMatrix Runtime y(2) ActiveMatrix Administrator en TIBCO ActiveMatrix Service Grid anterior v2.3.1, ActiveMatrix Service Bus anterior v2.3.1, ActiveMatrix BusinessWorks Service Engine anterior v5.8.1, y ActiveMatrix Service Performance Manager anterior v1.3.2 no maneja adecuadamente las conexiones JMX, lo que permite a atacantes remotos ejecutar código de su elección, obtener información sensible, o causar una denegación de servicio a través de vectores no especificados. • http://secunia.com/advisories/41891 http://www.securityfocus.com/bid/44254 http://www.tibco.com/multimedia/activematrix_advisory_tcm8-12488.txt http://www.tibco.com/services/support/advisories/activematrix-advisory_20101019.jsp http://www.vupen.com/english/advisories/2010/2747 https://exchange.xforce.ibmcloud.com/vulnerabilities/62674 • CWE-20: Improper Input Validation •