SQL Injection Vulnerabilities in TIBCO Collaborative Information Manager
CVE-2010-4496

Currently unrated

Key Information:

Vendor: Tibco
Status: Collaborative Information Manager; Activecatalog
Vendor: CVE Published:; 7 January 2011

Summary

The TIBCO Collaborative Information Manager is susceptible to multiple SQL injection vulnerabilities that enable remote attackers to execute arbitrary SQL commands. These security flaws exist due to improper input validation, allowing unauthorized access to the database through unspecified attack vectors. It is essential for users of affected versions to apply security patches promptly to mitigate these risks.

References

http://www.securityfocus.com/bid/45691

vdb-entryx_refsource_BID

http://osvdb.org/70371

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/42791

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 7, 2011
Vulnerability Reserved
Dec 7, 2010