Lucene search

[email protected]CVE-2022-41559

HistoryDec 06, 2022 - 7:15 p.m.

CVE-2022-41559

2022-12-0619:15:10

CWE-601

[email protected]

web.nvd.nist.gov

cve-2022-41559

tibco

software

inc.

tibco nimbus

web client

vulnerability

exploitable

open redirect

network access

unauthenticated attacker

security

nvd

9.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.8%

JSON

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Nimbus: version 10.5.0.

Affected configurations

NVD

Node

tibconimbusMatch10.5.0

CPENameOperatorVersion
tibco:nimbustibco nimbuseq10.5.0

CPE	Name	Operator	Version
tibco:nimbus	tibco nimbus	eq	10.5.0

CNA Affected

[
  {
    "vendor": "TIBCO Software Inc.",
    "product": "TIBCO Nimbus",
    "versions": [
      {
        "version": "10.5.0",
        "status": "affected"
      }
    ]
  }
]

References

www.tibco.com/services/support/advisories

9.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for CVE-2022-41559

tibco2 nvd1 prion1 cvelist1