CVE-2010-4498

{"id": "CVE-2010-4498", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-01-07T19:00:18.547", "references": [{"url": "http://osvdb.org/70373", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/42791", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/45691", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1024942", "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0037", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64522", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Collaborative Information Manager, como el usado en TIBCO Collaborative Information Manager anteriores a v8.1.0 y ActiveCatalog anteriores a v1.0.1, permite a atacantes remotos la modificaci\u00f3n de datos u obtener informaci\u00f3n sensible a trav\u00e9s de una URL manipulada."}], "lastModified": "2017-08-17T01:33:14.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:activecatalog:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B74F110D-E53A-4712-8C85-C7D192056BF4", "versionEndIncluding": "1.0"}, {"criteria": "cpe:2.3:a:tibco:collaborative_information_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BEC429E-5352-45F6-8BFF-7287A8D4738B", "versionEndIncluding": "8.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "Per: http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp\r\n\r\n'Customers with current maintenance can obtain product updates through their TIBCO fulfillment channels.'"}