返回 CVE 浏览器

CVE-2010-3491

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1870%

EPSS Percentile33.47th

Published2010年10月26日

Last Modified2026年4月29日

Vulnerability Description

The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service Engine before 5.8.1, and ActiveMatrix Service Performance Manager before 1.3.2 do not properly handle JMX connections, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service via unspecified vectors.

Affected Platforms (CPE)

📦

Tibco

Activematrix Businessworks Service Engine

<= 5.8.0

📦

Tibco

Activematrix Service Bus

<= 2.3.0

📦

Tibco

Activematrix Service Grid

<= 2.3.0

📦

Tibco

Activematrix Service Performance Manager

<= 1.3.1

References & Advisories

🔗 http://secunia.com/advisories/41891

🔗 http://www.securityfocus.com/bid/44254

🔗 http://www.tibco.com/multimedia/activematrix_advisory_tcm8-12488.txt

🔗 http://www.tibco.com/services/support/advisories/activematrix-advisory_20101019.jsp

🔗 http://www.vupen.com/english/advisories/2010/2747

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/62674

🔗 http://secunia.com/advisories/41891

🔗 http://www.securityfocus.com/bid/44254

相关漏洞威胁

CVE-2010-44959.0

Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; Active...

CVE-2012-06875.0

TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2.x before 2.3.2 and BusinessWorks Service Engine before 5.8.2...

CVE-2012-06895.0

The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Se...

CVE-2012-06884.3

Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribut...