CVE-2010-3491

Name of the Vulnerable Software and Affected Versions TIBCO ActiveMatrix Service Grid versions prior to 2.3.1 TIBCO ActiveMatrix Service Bus versions prior to 2.3.1 TIBCO ActiveMatrix BusinessWorks Service Engine versions prior to 5.8.1 TIBCO ActiveMatrix Service Performance Manager versions prior to 1.3.2

Description The issue is related to the improper handling of JMX connections by the ActiveMatrix Runtime and ActiveMatrix Administrator components. This allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service via unspecified vectors.

Recommendations For TIBCO ActiveMatrix Service Grid versions prior to 2.3.1, update to version 2.3.1 or later. For TIBCO ActiveMatrix Service Bus versions prior to 2.3.1, update to version 2.3.1 or later. For TIBCO ActiveMatrix BusinessWorks Service Engine versions prior to 5.8.1, update to version 5.8.1 or later. For TIBCO ActiveMatrix Service Performance Manager versions prior to 1.3.2, update to version 1.3.2 or later.