Vulnerability Description
The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Runtime Agent | <= 5.6.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/38191Vendor Advisory
- http://www.securityfocus.com/bid/37805
- http://www.tibco.com/mk/advisory.jspVendor Advisory
- http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10
- http://www.vupen.com/english/advisories/2010/0128Vendor Advisory
- http://secunia.com/advisories/38191Vendor Advisory
- http://www.securityfocus.com/bid/37805
- http://www.tibco.com/mk/advisory.jspVendor Advisory
- http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10
- http://www.vupen.com/english/advisories/2010/0128Vendor Advisory
FAQ
What is CVE-2010-0184?
CVE-2010-0184 is a vulnerability with a CVSS score of 7.2 (HIGH). The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak pe...
How severe is CVE-2010-0184?
CVE-2010-0184 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0184?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Runtime Agent.