PT-2023-20546 · Tibco Software · Tibco Runtime Agent+3

Published: 2023-10-24 · Updated: 2023-11-02 · CVE-2023-26219

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TIBCO Hawk versions 6.2.2 and below
TIBCO Hawk Distribution for TIBCO Silver Fabric versions 6.2.2 and below
TIBCO Operational Intelligence Hawk RedTail versions 7.2.1 and below
TIBCO Runtime Agent versions 5.12.2 and below

Description

The Hawk Console and Hawk Agent components of TIBCO Software Inc.'s products contain a vulnerability that theoretically allows an attacker with access to the Hawk Console's and Agent's log to obtain credentials used to access associated EMS servers.

Recommendations

For TIBCO Hawk versions 6.2.2 and below, update to a version above 6.2.2 to resolve the issue.
For TIBCO Hawk Distribution for TIBCO Silver Fabric versions 6.2.2 and below, update to a version above 6.2.2 to resolve the issue.
For TIBCO Operational Intelligence Hawk RedTail versions 7.2.1 and below, update to a version above 7.2.1 to resolve the issue.
For TIBCO Runtime Agent versions 5.12.2 and below, update to a version above 5.12.2 to resolve the issue.

As a temporary workaround, consider restricting access to the Hawk Console's and Agent's log to minimize the risk of exploitation.

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related identifiers

CVE-2023-26219

Affected products

Tibco Hawk
Tibco Hawk Distribution For Tibco Silver Fabric
Tibco Operational Intelligence Hawk Redtail
Tibco Runtime Agent