CVE-2022-41564
6.8
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Summary
The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0 through 6.2.1 and TIBCO Operational Intelligence Hawk RedTail: versions 7.0.0 through 7.2.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| TIBCO Software Inc. | TIBCO Hawk | unspecified <= 6.2.1 | affected |
| TIBCO Software Inc. | TIBCO Operational Intelligence Hawk RedTail | unspecified <= 7.2.0 | affected |
Weaknesses
- The impact of this vulnerability includes the theoretical possibility of an authenticated Hawk Console user gaining administrative access to the EMS server.
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.