CVE-2014-5286

TIBCO ActiveMatrix Policy Agent/Manager <3.1.2 & Management Agent <1.2.1 - Privilege Escalation & Info Disclosure

Title source: llm

Description

The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1 for WCF, and ActiveMatrix Management Agent 1.x before 1.2.1 for WebSphere allows remote attackers to gain privileges and obtain sensitive information via unspecified vectors.

References (3)

Core 3

Core References

Vendor Advisory x_refsource_confirm

http://www.tibco.com/assets/blt1b18947cad32d1c4/2014-007-advisory.txt

Vendor Advisory x_refsource_confirm

http://www.tibco.com/mk/advisory.jsp

Various Sources x_refsource_confirm

http://www.tibco.com/services/support/advisories/activematrix-advisory_20150218

Scores

EPSS 0.0026

EPSS Percentile 49.4%

Details

CWE

CWE-264

Status published

Products (9)

tibco/activematrix_management_agent 1.0.0 (2 CPE variants)

tibco/activematrix_management_agent 1.1.0 (2 CPE variants)

tibco/activematrix_management_agent 1.2.0 (2 CPE variants)

tibco/activematrix_policy_agent 3.0.0

tibco/activematrix_policy_agent 3.1.0

tibco/activematrix_policy_agent 3.1.1

tibco/activematrix_policy_manager 3.0.0

tibco/activematrix_policy_manager 3.1.0

tibco/activematrix_policy_manager 3.1.1

Published Feb 19, 2015

Tracked Since Feb 18, 2026