PT-2022-25937 · Tibco Software · Tibco Nimbus

Published: 2022-12-06 · Updated: 2025-04-22 · CVE-2022-41559

CVSS v3.1: 9.3 (Critical)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

TIBCO Nimbus version 10.5.0

Description

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable issue that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. A successful attack using this issue requires human interaction from a person other than the attacker.

Recommendations

For TIBCO Nimbus version 10.5.0, consider disabling the Web Client component until a patch is available. Restrict access to the affected system to minimize the risk of exploitation. As a temporary workaround, avoid using the Web Client component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2022-41559

Affected Products

Tibco Nimbus