Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-4676Rendezvous vulnerability

4 documents4 sources
Severity
1.2LOWNVD
EPSS
0.4%
top 39.50%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Tibco Rendezvous
Timeline
PublishedSep 11
Latest updateMay 1

Description

TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.

CVSS vector

AV:L/AC:H/C:P/I:N/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages1 packages

NVDtibco/rendezvous7.4.11

🔴Vulnerability Details

2
GHSA
GHSA-gqvr-6j76-fmfq: TIBCO RendezVous 72022-05-01
CVEList
CVE-2006-4676: TIBCO RendezVous 72006-09-11

💥Exploits & PoCs

1
Exploit-DB
TIBCO Rendezvous 7.4.11 - Password Extractor2006-09-01
CVE-2006-4676 — Tibco Rendezvous vulnerability | cvebase