Arbitrary Code Execution Vulnerability in TIBCO ActiveMatrix Products
CVE-2010-4495

Currently unrated

Key Information:

Vendor: Tibco
Status: Activematrix Bpm; Activematrix Service Grid; Activematrix Service Bus; Silver Cap Service
Vendor: CVE Published:; 17 December 2010

Summary

This vulnerability in TIBCO ActiveMatrix products allows remote authenticated users access to execute arbitrary code through exploitation of JMX connection interfaces. The affected versions include multiple iterations of ActiveMatrix Runtime, Service Bus, BusinessWorks Service Engine, and BPM services, highlighting a significant risk within implementations. Organizations should assess their products for this vulnerability and implement necessary mitigations to safeguard their systems from potential unauthorized actions.

References

http://secunia.com/advisories/42640

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2010/3241

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/45400

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 17, 2010