CVE-2022-41564

Опубликовано: 14 фев. 2023

Источник: nvd

CVSS3: 6.8

CVSS3: 6.5

EPSS Низкий

Описание

The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0 through 6.2.1 and TIBCO Operational Intelligence Hawk RedTail: versions 7.0.0 through 7.2.0.

Ссылки

https://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/services/support/advisories
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:hawk:*:*:*:*:*:*:*:*

Версия от 6.1.0 (включая) до 6.2.2 (исключая)

cpe:2.3:a:tibco:operational_intelligence_hawk_redtail:*:*:*:*:*:*:*:*

Версия от 7.0.0 (включая) до 7.2.1 (исключая)

EPSS

Процентиль: 35%

0.00144

Низкий

6.8 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-522

Связанные уязвимости

GHSA-x8f4-mm5h-f849

CVSS3: 6.5

github

почти 3 года назад

The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.2.1 and below and TIBCO Operational Intelligence Hawk RedTail: versions 7.2.0 and below.

EPSS

Процентиль: 35%

0.00144

Низкий

6.8 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-522