Vulnerability Description
Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad) components.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Messaging Appliance | <= 8.7.1 |
| Tibco | Rendezvous | <= 8.4.3 |
| Tibco | Rendezvous Network Server | <= 1.1.0 |
| Tibco | Substation Es | <= 2.8.1 |
References
- http://www.securitytracker.com/id/1033677Third Party AdvisoryVDB Entry
- http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txtVendor Advisory
- http://www.tibco.com/mk/advisory.jspVendor Advisory
- http://www.securitytracker.com/id/1033677Third Party AdvisoryVDB Entry
- http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txtVendor Advisory
- http://www.tibco.com/mk/advisory.jspVendor Advisory
FAQ
What is CVE-2015-4555?
CVE-2015-4555 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows r...
How severe is CVE-2015-4555?
CVE-2015-4555 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4555?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Messaging Appliance, Tibco Rendezvous, Tibco Rendezvous Network Server, Tibco Substation Es.