CVE-2012-0687

{"id": "CVE-2012-0687", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-03-13T10:55:01.010", "references": [{"url": "http://www.tibco.com/multimedia/activematrix2_advisory_20120308_tcm8-15726.txt", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/multimedia/activematrix3_advisory_20120308_tcm8-15728.txt", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/multimedia/businessevents_advisory_20120308_tcm8-15729.txt", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/multimedia/businessworks_advisory_20120308_tcm8-15730.txt", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_20120308.jsp", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2.x before 2.3.2 and BusinessWorks Service Engine before 5.8.2; TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0; TIBCO BusinessEvents Runtime in Enterprise and Inference Editions 3.x before 3.0.3, Standard Edition 4.x before 4.0.2, and Standard Edition and Express 5.0.0; and TIBCO BusinessWorks Engine in TIBCO Silver Fabric ActiveMatrix BusinessWorks Distribution 5.9.2 and ActiveMatrix BusinessWorks before 5.9.3 allow remote attackers to obtain sensitive information via a crafted URL."}, {"lang": "es", "value": "TIBCO ActiveMatrix Runtime Platform de Service Grid y Service Bus 2.x anteriores a 2.3.2 y BusinessWorks Service Engine anteriores a 5.8.2; TIBCO ActiveMatrix Platform de TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid y Service Bus 3.x anteriores a 3.1.5, BusinessWorks Service Engine 5.9.x anteriores a 5.9.3, y BPM anteriores a 1.3.0; TIBCO BusinessEvents Runtime de Enterprise y Inference Editions 3.x anteriores a 3.0.3, Standard Edition 4.x anteriores a 4.0.2, y Standard Edition y Express 5.0.0; y TIBCO BusinessWorks Engine de TIBCO Silver Fabric ActiveMatrix BusinessWorks Distribution 5.9.2 y ActiveMatrix BusinessWorks anteriores a 5.9.3 permiten a atacantes remotos obtener informaci\u00f3n confidencial a trav\u00e9s de una URL modificada."}], "lastModified": "2012-03-14T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1327844B-F7C0-4AAC-8C4B-2D636962FA05"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F1B1EBE-1D83-4EE7-8163-01A0DAAD57ED"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C8EE5C4-6925-4350-B0AA-25EA7CBAC521"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB0CF9E0-98A3-4C71-88F5-6F4CFD279E13"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F052E8A-20B8-4A10-AE17-05A58E483AA0"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79E3F956-9FFB-4655-B70D-FC16D361222A"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AF7A848-DA84-4252-BA8F-7D063050AC21"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63A24DBF-4091-4B99-9970-FCD54EA15BC8"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2BB758D-5C74-493C-ABE7-6DA289253636"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_bus:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3A5CE12-C8A8-4E48-BF6C-914C284D391C"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5033723A-C919-4A27-8FF6-52A32BCCB017"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFCCF420-1F20-4D02-966A-AD6289DE288A"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E936C75A-CBBF-47EB-AE2A-1ACBD2F6FBE6"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C03217D0-B2FC-4633-BA64-C54783D1E724"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C8DFB0E-2566-4D9A-BDF9-0A7B3508C070"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76EFABBA-ABC4-4F90-AC85-938260E653AA"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9694E246-B73B-4644-915F-1FEA7F1DF415"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A4CEE48-3302-4138-8E61-0DA60452CFA9"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68B99531-DFDA-4625-B0E7-4CDF20A73DF1"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F28DAF05-7BB6-404E-8710-A61866338605"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F633E9D8-BCB2-4748-A91C-1A3D5CD1C953"}, {"criteria": "cpe:2.3:a:tibco:activematrix_service_grid:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C77FCFF9-EEFA-4098-BBAC-7D35E04D130A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DAA2448-FDC2-4B64-AFE5-BF65317DFD74", "versionEndIncluding": "5.8.1"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B6A2A1E-FF90-44BA-B97E-7CFF440BF084"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F79D6572-D634-4A09-A1D4-1DD199645EB4"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A3A3AC0-5C0E-4D98-84D7-8327D116EDB7"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A25960E5-D2F0-4C64-B9A0-4D792B90F901"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E9E211C-1ADF-4E40-AFD8-0FD2816F04F5"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73CD7625-A5ED-4D88-AFBF-450AE2E439D3"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B72511C0-3CDA-40F4-8C35-0B2B03D19BFC"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5A147E2-A869-4306-94C7-D5B32333EE1E"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8673962-517F-40F8-AA69-DB94CECD0A33"}, {"criteria": "cpe:2.3:a:tibco:activematrix_businessworks_service_engine:5.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FDC53F2-7AC7-490F-A1F9-55D3760D9175"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:silver_fabric_activematrix_service_grid_distribution:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2C115BF-EBFF-45E2-A63F-B35F1B6FE42E"}, {"criteria": "cpe:2.3:a:tibco:silver_fabric_activematrix_service_grid_distribution:5.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCC473FC-B30F-41C1-AABC-86980CF2E563"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:activematrix_bpm:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC2B9890-BE2B-46BA-9E23-306902AFC286", "versionEndIncluding": "1.2.0"}, {"criteria": "cpe:2.3:a:tibco:activematrix_bpm:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47C5D35B-3DA4-4829-9115-9061F725392B"}, {"criteria": "cpe:2.3:a:tibco:activematrix_bpm:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C5F8D9F-C1E1-4F39-BF08-D08FC07523C1"}, {"criteria": "cpe:2.3:a:tibco:activematrix_bpm:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "690E5EB3-C8C4-416C-B6A8-94C1222AEC61"}, {"criteria": "cpe:2.3:a:tibco:activematrix_bpm:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91468F89-DBAF-45C9-894C-851583D84BAB"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:businessevents:3.0:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A635FA7A-831D-4A70-BB12-1DD8F8CBB1B0"}, {"criteria": "cpe:2.3:a:tibco:businessevents:3.0:*:inference:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2A70B8C-1B8F-4D77-BBDE-720561D8D04E"}, {"criteria": "cpe:2.3:a:tibco:businessevents:3.0.1:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D26C307-61C7-4CE4-B6B8-52D24491DA41"}, {"criteria": "cpe:2.3:a:tibco:businessevents:3.0.2:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A365D8D-6261-4535-A811-0D8D3EB36D22"}, {"criteria": "cpe:2.3:a:tibco:businessevents:3.0.2:*:inference:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "824E6C4B-5F11-4073-AE4F-6934F1D0A5CF"}, {"criteria": "cpe:2.3:a:tibco:businessevents:4.0:*:standard:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24FBA4F6-E78B-4261-81C0-03C6D87A0586"}, {"criteria": "cpe:2.3:a:tibco:businessevents:4.0.1:*:standard:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA2DF7B4-13B2-4C33-A26A-4C75D1D2C44F"}, {"criteria": "cpe:2.3:a:tibco:businessevents:5.0:*:express:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BCA6DA4-61C5-4017-A436-292A4016D562"}, {"criteria": "cpe:2.3:a:tibco:businessevents:5.0:*:standard:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD81DADC-39A4-4652-A1AC-20F1CCE50AD3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:activematrix_businessworks:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC861446-3E30-4776-B874-F2E3C8C49816", "versionEndIncluding": "5.9.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}