CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
93.1%
Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk before 4.8.1; Runtime Agent (TRA) before 5.6.0; iProcess Engine 10.3.0 through 10.6.2 and 11.0.0; and Mainframe Service Tracker before 1.1.0 might allow remote attackers to execute arbitrary code via a crafted message.
Vendor | Product | Version | CPE |
---|---|---|---|
tibco | hawk | * | cpe:2.3:a:tibco:hawk:*:*:*:*:*:*:*:* |
tibco | hawk | 4.6.0 | cpe:2.3:a:tibco:hawk:4.6.0:*:*:*:*:*:*:* |
tibco | hawk | 4.6.1 | cpe:2.3:a:tibco:hawk:4.6.1:*:*:*:*:*:*:* |
tibco | hawk | 4.7 | cpe:2.3:a:tibco:hawk:4.7:*:*:*:*:*:*:* |
tibco | iprocess_engine | 10.3.0 | cpe:2.3:a:tibco:iprocess_engine:10.3.0:*:*:*:*:*:*:* |
tibco | iprocess_engine | 10.3.1 | cpe:2.3:a:tibco:iprocess_engine:10.3.1:*:*:*:*:*:*:* |
tibco | iprocess_engine | 10.3.2 | cpe:2.3:a:tibco:iprocess_engine:10.3.2:*:*:*:*:*:*:* |
tibco | iprocess_engine | 10.3.3 | cpe:2.3:a:tibco:iprocess_engine:10.3.3:*:*:*:*:*:*:* |
tibco | iprocess_engine | 10.3.4 | cpe:2.3:a:tibco:iprocess_engine:10.3.4:*:*:*:*:*:*:* |
tibco | iprocess_engine | 10.3.5 | cpe:2.3:a:tibco:iprocess_engine:10.3.5:*:*:*:*:*:*:* |