CyberSec.Space Logo
Back to CVE Browser

CVE-2010-3491

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1870%
EPSS Percentile33.47th
PublishedOct 26, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service Engine before 5.8.1, and ActiveMatrix Service Performance Manager before 1.3.2 do not properly handle JMX connections, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service via unspecified vectors.

Affected Platforms (CPE)

πŸ“¦
Tibco

Activematrix Businessworks Service Engine

<= 5.8.0
πŸ“¦
Tibco

Activematrix Service Bus

<= 2.3.0
πŸ“¦
Tibco

Activematrix Service Grid

<= 2.3.0
πŸ“¦
Tibco

Activematrix Service Performance Manager

<= 1.3.1

References & Advisories

πŸ”— http://secunia.com/advisories/41891
πŸ”— http://www.securityfocus.com/bid/44254
πŸ”— http://www.tibco.com/multimedia/activematrix_advisory_tcm8-12488.txt
πŸ”— http://www.tibco.com/services/support/advisories/activematrix-advisory_20101019.jsp
πŸ”— http://www.vupen.com/english/advisories/2010/2747
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/62674
πŸ”— http://secunia.com/advisories/41891
πŸ”— http://www.securityfocus.com/bid/44254

Related Vulnerabilities

CVE-2010-44959.0

Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; Active...

CVE-2012-06875.0

TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2.x before 2.3.2 and BusinessWorks Service Engine before 5.8.2...

CVE-2012-06895.0

The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Se...

CVE-2012-06884.3

Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribut...