CVE-2010-0184 — Runtime Agent vulnerability
Severity
7.2HIGHNVD
EPSS
0.0%
top 90.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 14
Latest updateMay 2
Description
The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.
CVSS vector
AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0
Affected Packages1 packages
🔴Vulnerability Details
2GHSA▶
GHSA-f23h-24h4-f4x9: The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5↗2022-05-02
CVEList▶
CVE-2010-0184: The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5↗2010-01-14
💥Exploits & PoCs
1Exploit-DB
▶
💬Community
1Bugzilla▶
CVE-2010-2387 gdm: logs user passwors that contain invalid UTF8-encoded characters, in debug mode↗2012-12-21