Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-22771

Опубликовано: 15 мар. 2022
Источник: nvd
CVSS3: 9.9
CVSS3: 8.8
CVSS2: 4
EPSS Низкий

Описание

The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains a directory-traversal vulnerability that may theoretically allow web server users to access contents of the host system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Library: version 7.9.0, TIBCO JasperReports Library for ActiveMatrix BPM: version 7.9.0, TIBCO JasperReports Server: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and 7.9.1, and TIBCO JasperReports Server for Microsoft Azure: version 7.9.1.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:jasperreports_library:7.9.0:*:*:*:*:-:*:*
cpe:2.3:a:tibco:jasperreports_library:7.9.0:*:*:*:*:activematrix_bpm:*:*
cpe:2.3:a:tibco:jasperreports_server:7.9.0:*:*:*:*:-:*:*
cpe:2.3:a:tibco:jasperreports_server:7.9.0:*:*:*:*:activematrix_bpm:*:*
cpe:2.3:a:tibco:jasperreports_server:7.9.0:*:*:*:*:aws_marketplace:*:*
cpe:2.3:a:tibco:jasperreports_server:7.9.0:*:*:*:*:azure:*:*
cpe:2.3:a:tibco:jasperreports_server:7.9.1:*:*:*:*:-:*:*
cpe:2.3:a:tibco:jasperreports_server:7.9.1:*:*:*:*:activematrix_bpm:*:*
cpe:2.3:a:tibco:jasperreports_server:7.9.1:*:*:*:*:aws_marketplace:*:*
cpe:2.3:a:tibco:jasperreports_server:7.9.1:*:*:*:*:azure:*:*

EPSS

Процентиль: 48%
0.0025
Низкий

9.9 Critical

CVSS3

8.8 High

CVSS3

4 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

ubuntu логотип

CVE-2022-22771

CVSS3: 8.8
ubuntu
почти 4 года назад

The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains a directory-traversal vulnerability that may theoretically allow web server users to access contents of the host system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Library: version 7.9.0, TIBCO JasperReports Library for ActiveMatrix BPM: version 7.9.0, TIBCO JasperReports Server: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and 7.9.1, and TIBCO JasperReports Server for Microsoft Azure: version 7.9.1.

debian логотип

CVE-2022-22771

CVSS3: 8.8
debian
почти 4 года назад

The Server component of TIBCO Software Inc.'s TIBCO JasperReports Libr ...

github логотип

GHSA-g4m4-hxvm-28mq

CVSS3: 8.8
github
почти 4 года назад

The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains a directory-traversal vulnerability that may theoretically allow web server users to access contents of the host system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Library: version 7.9.0, TIBCO JasperReports Library for ActiveMatrix BPM: version 7.9.0, TIBCO JasperReports Server: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and 7.9.1, and TIBCO JasperReports Server for Microsoft Azure: version 7.9.1.

EPSS

Процентиль: 48%
0.0025
Низкий

9.9 Critical

CVSS3

8.8 High

CVSS3

4 Medium

CVSS2

Дефекты

CWE-22