Lucene search

K
cve[email protected]CVE-2022-41564
HistoryFeb 14, 2023 - 6:15 p.m.

CVE-2022-41564

2023-02-1418:15:11
web.nvd.nist.gov
22
cve-2022-41564
tibco
software
inc.
hawk console
operational intelligence
redtail
ems
ssl
vulnerability

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.4%

The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0 through 6.2.1 and TIBCO Operational Intelligence Hawk RedTail: versions 7.0.0 through 7.2.0.

Affected configurations

NVD
Node
tibcohawkRange6.1.06.2.2
OR
tibcooperational_intelligence_hawk_redtailRange7.0.07.2.1

CNA Affected

[
  {
    "vendor": "TIBCO Software Inc.",
    "product": "TIBCO Hawk",
    "versions": [
      {
        "version": "unspecified",
        "lessThanOrEqual": "6.2.1",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "TIBCO Software Inc.",
    "product": "TIBCO Operational Intelligence Hawk RedTail",
    "versions": [
      {
        "version": "unspecified",
        "lessThanOrEqual": "7.2.0",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.4%

Related for CVE-2022-41564