CVE-2022-41564

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-41564
The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0 through 6.2.1 and TIBCO Operational Intelligence Hawk RedTail: versions 7.0.0 through 7.2.0.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.tibco.com/services/support/advisories Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tibco:hawk:*:*:*:*:*:*:*:*
cpe:2.3:a:tibco:operational_intelligence_hawk_redtail:*:*:*:*:*:*:*:*
History

22 Feb 2023, 19:15

Type Values Removed Values Added
References
  • {'url': 'https://www.tibco.com/support/advisories/2023/02/tibco-security-advisory-february-14-2023-tibco-oi-hawk-redtail-cve-2022-41564', 'name': 'https://www.tibco.com/support/advisories/2023/02/tibco-security-advisory-february-14-2023-tibco-oi-hawk-redtail-cve-2022-41564', 'tags': ['Vendor Advisory'], 'refsource': 'CONFIRM'}
Summary The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.2.1 and below and TIBCO Operational Intelligence Hawk RedTail: versions 7.2.0 and below. The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0 through 6.2.1 and TIBCO Operational Intelligence Hawk RedTail: versions 7.0.0 through 7.2.0.

22 Feb 2023, 17:12

Type Values Removed Values Added
CPE cpe:2.3:a:tibco:operational_intelligence_hawk_redtail:*:*:*:*:*:*:*:*
cpe:2.3:a:tibco:hawk:*:*:*:*:*:*:*:*
References (CONFIRM) https://www.tibco.com/services/support/advisories - (CONFIRM) https://www.tibco.com/services/support/advisories - Vendor Advisory
References (CONFIRM) https://www.tibco.com/support/advisories/2023/02/tibco-security-advisory-february-14-2023-tibco-oi-hawk-redtail-cve-2022-41564 - (CONFIRM) https://www.tibco.com/support/advisories/2023/02/tibco-security-advisory-february-14-2023-tibco-oi-hawk-redtail-cve-2022-41564 - Vendor Advisory
First Time Tibco
Tibco hawk
Tibco operational Intelligence Hawk Redtail
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5

14 Feb 2023, 19:44

Type Values Removed Values Added
References
  • (CONFIRM) https://www.tibco.com/support/advisories/2023/02/tibco-security-advisory-february-14-2023-tibco-oi-hawk-redtail-cve-2022-41564 -

14 Feb 2023, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-02-14 18:15

Updated : 2023-12-10 14:48

NVD link : CVE-2022-41564

Mitre link : CVE-2022-41564

CVE.ORG link : CVE-2022-41564

JSON object : View

Products Affected

tibco

  • operational_intelligence_hawk_redtail
  • hawk
CWE
NVD-CWE-noinfo