CVE-2024-10218

Summary

XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in TIBCO Software Inc TIBCO Hawk and TIBCO Operational Intelligence

Affected Software

VendorProductVersion RangeStatus
TIBCO Software IncTIBCO Hawk6.2 < 5affected
TIBCO Software IncTIBCO Operational Intelligence7.3 < 0affected

Weaknesses

  • The components listed above contain a vulnerability that allows the author of a malicious .mar file to perform an XEE attack

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References