CVE-2011-0649 — Silver BPM Service vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 80.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tibco Silver BPM Service Tibco Silver CAP Service Tibco Enterprise Message Service +3 more

Timeline

PublishedFeb 4

Latest updateMay 17

Description

Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service vebefore 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknown vectors related to SUID and (1) Rendezvous Routing Daemon (rvrd), (2) Rendezvous Secure Daemon (rvsd), (3) Rendezvous Secure Routing Da…

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages6 packages

▶NVDtibco/silver_businessworks_service1.0.0

▶NVDtibco/silver_bpm_service1.0.3+1

▶NVDtibco/silver_cap_service1.0.1+1

▶NVDtibco/enterprise_message_service5.1.0, 5.1.1, 6.0.0+2

▶NVDtibco/rendezvous8.2.1, 8.3.0+1

🔴Vulnerability Details

GHSA

GHSA-hwqv-g52g-rgvm: Multiple unspecified vulnerabilities in TIBCO Rendezvous 8↗2022-05-17

▶

CVEList

CVE-2011-0649: Multiple unspecified vulnerabilities in TIBCO Rendezvous 8↗2011-02-04

▶