PT-2023-13990 · Tibco Software · Tibco Hawk+1

Publicado

2023-02-14

Atualizado

2023-02-22

CVE-2022-41564

CVSS v3.1

6.8

Média

Vetor

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions TIBCO Hawk versions 6.1.0 through 6.2.1 TIBCO Operational Intelligence Hawk RedTail versions 7.0.0 through 7.2.0

Description The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user.

Recommendations For TIBCO Hawk versions 6.1.0 through 6.2.1, update to a version outside of this range to resolve the issue. For TIBCO Operational Intelligence Hawk RedTail versions 7.0.0 through 7.2.0, update to a version outside of this range to resolve the issue.

Correção

Insufficiently Protected Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522

Identificadores relacionados

CVE-2022-41564

Produtos afetados

Tibco Hawk

Tibco Operational Intelligence Hawk Redtail

PT-2023-13990 · Tibco Software · Tibco Hawk+1

CVE-2022-41564

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4