Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-30574

Опубликовано: 09 авг. 2022
Источник: nvd
CVSS3: 4.6
CVSS3: 7.8
EPSS Низкий

Описание

The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, TIBCO eFTL - Enterprise Edition, and TIBCO eFTL - Enterprise Edition contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to obtain user credentials to the affected system. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL - Enterprise Edition: versions 6.0.0 through 6.7.3, TIBCO FTL - Enterprise Edition: version 6.8.0, TIBCO eFTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO eFTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO eFTL - Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO eFTL - Enterprise Edition: version 6.8.0.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:ftl:*:*:*:*:enterprise:*:*:*
Версия от 6.0.0 (включая) до 6.7.3 (включая)
cpe:2.3:a:tibco:ftl:*:*:*:*:community:*:*:*
Версия от 6.0.0 (включая) до 6.8.0 (включая)
cpe:2.3:a:tibco:ftl:*:*:*:*:developer:*:*:*
Версия от 6.0.1 (включая) до 6.8.0 (включая)
cpe:2.3:a:tibco:ftl:6.8.0:*:*:*:enterprise:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:tibco:eftl:*:*:*:*:enterprise:*:*:*
Версия от 6.0.0 (включая) до 6.7.3 (включая)
cpe:2.3:a:tibco:eftl:*:*:*:*:community:*:*:*
Версия от 6.0.0 (включая) до 6.8.0 (включая)
cpe:2.3:a:tibco:eftl:*:*:*:*:developer:*:*:*
Версия от 6.0.1 (включая) до 6.8.0 (включая)
cpe:2.3:a:tibco:eftl:6.8.0:*:*:*:enterprise:*:*:*

EPSS

Процентиль: 13%
0.00044
Низкий

4.6 Medium

CVSS3

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-m63x-ghq3-c527

CVSS3: 7.8
github
больше 3 лет назад

The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, TIBCO eFTL - Enterprise Edition, and TIBCO eFTL - Enterprise Edition contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to obtain user credentials to the affected system. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL - Enterprise Edition: versions 6.0.0 through 6.7.3, TIBCO FTL - Enterprise Edition: version 6.8.0, TIBCO eFTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO eFTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO eFTL - Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO eFTL - Enterprise Edition: version 6.8.0.

EPSS

Процентиль: 13%
0.00044
Низкий

4.6 Medium

CVSS3

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo