PT-2022-20178 · Tibco Software · Tibco Data Virtualization For Aws Marketplace+1
Published
2022-07-19
·
Updated
2022-07-28
·
CVE-2022-30570
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TIBCO Data Virtualization versions 8.5.2 and below
TIBCO Data Virtualization for AWS Marketplace versions 8.5.2 and below
Description
The Column Based Security component of TIBCO Software Inc.'s TIBCO Data Virtualization and TIBCO Data Virtualization for AWS Marketplace contains an easily exploitable issue that allows a low privileged attacker with network access to obtain read access to application information on the affected system.
Recommendations
For TIBCO Data Virtualization versions 8.5.2 and below, update to a version above 8.5.2 to resolve the issue.
For TIBCO Data Virtualization for AWS Marketplace versions 8.5.2 and below, update to a version above 8.5.2 to resolve the issue.
As a temporary workaround, consider restricting network access to the affected system until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tibco Data Virtualization
Tibco Data Virtualization For Aws Marketplace