{"api_version":"1","generated_at":"2026-04-23T13:25:03+00:00","cve":"CVE-2010-0184","urls":{"html":"https://cve.report/CVE-2010-0184","api":"https://cve.report/api/cve/CVE-2010-0184.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2010-0184","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2010-0184"},"summary":{"title":"CVE-2010-0184","description":"The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.","state":"PUBLISHED","assigner":"mitre","published_at":"2010-01-14 19:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.2","severity":"","vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://secunia.com/advisories/38191","name":"http://secunia.com/advisories/38191","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"TIBCO Runtime Agent Domain Properties Files Insecure Permissions - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.tibco.com/mk/advisory.jsp","name":"http://www.tibco.com/mk/advisory.jsp","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Advisory | TIBCO Software","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt","name":"http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"404 Not Found","mime":"text/plain","httpstatus":"404","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/37805","name":"http://www.securityfocus.com/bid/37805","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"TIBCO Runtime Agent Domain Properties Insecure File Permissions Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2010/0128","name":"http://www.vupen.com/english/advisories/2010/0128","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2010-0184","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0184","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2010","cve_id":"184","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tibco","cpe5":"runtime_agent","cpe6":"5.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"184","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tibco","cpe5":"runtime_agent","cpe6":"5.5.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"184","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tibco","cpe5":"runtime_agent","cpe6":"5.5.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"184","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tibco","cpe5":"runtime_agent","cpe6":"5.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"184","vulnerable":"1","versionEndIncluding":"5.6.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tibco","cpe5":"runtime_agent","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T00:37:54.113Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt"},{"name":"37805","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/37805"},{"name":"ADV-2010-0128","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0128"},{"name":"38191","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/38191"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.tibco.com/mk/advisory.jsp"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2010-01-14T19:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt"},{"name":"37805","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/37805"},{"name":"ADV-2010-0128","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0128"},{"name":"38191","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/38191"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.tibco.com/mk/advisory.jsp"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2010-0184","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt","refsource":"CONFIRM","url":"http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt"},{"name":"37805","refsource":"BID","url":"http://www.securityfocus.com/bid/37805"},{"name":"ADV-2010-0128","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2010/0128"},{"name":"38191","refsource":"SECUNIA","url":"http://secunia.com/advisories/38191"},{"name":"http://www.tibco.com/mk/advisory.jsp","refsource":"CONFIRM","url":"http://www.tibco.com/mk/advisory.jsp"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2010-0184","datePublished":"2010-01-14T19:00:00.000Z","dateReserved":"2010-01-06T00:00:00.000Z","dateUpdated":"2024-09-16T16:58:40.503Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2010-01-14 19:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tibco:runtime_agent:*:*:*:*:*:*:*:*","versionEndIncluding":"5.6.1","matchCriteriaId":"DB0D5A21-4A21-4DFF-9549-109039252387"},{"vulnerable":true,"criteria":"cpe:2.3:a:tibco:runtime_agent:5.4.0:*:*:*:*:*:*:*","matchCriteriaId":"0A6C4A47-FBEF-4171-9C97-FFAD45ACB263"},{"vulnerable":true,"criteria":"cpe:2.3:a:tibco:runtime_agent:5.5.3:*:*:*:*:*:*:*","matchCriteriaId":"19E9CA44-31F3-48B2-834A-36F792A71761"},{"vulnerable":true,"criteria":"cpe:2.3:a:tibco:runtime_agent:5.5.4:*:*:*:*:*:*:*","matchCriteriaId":"A60DB3FE-F502-4A8E-A669-3837109A2211"},{"vulnerable":true,"criteria":"cpe:2.3:a:tibco:runtime_agent:5.6:*:*:*:*:*:*:*","matchCriteriaId":"DCE75BE6-19FE-442D-80C1-87003D62786C"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2010","CveId":"184","Ordinal":"1","Title":"CVE-2010-0184","CVE":"CVE-2010-0184","Year":"2010"},"notes":[{"CveYear":"2010","CveId":"184","Ordinal":"1","NoteData":"The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.","Type":"Description","Title":"CVE-2010-0184"},{"CveYear":"2010","CveId":"184","Ordinal":"2","NoteData":"2010-01-14","Type":"Other","Title":"Published"}]}}}