TIBCO Nimbus Open Redirect Vulnerability
CVE-2022-41559

9.3CRITICAL

Key Information:

Vendor: Tibco
Status: Tibco Nimbus
Vendor: CVE Published:; 6 December 2022

Summary

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Nimbus: version 10.5.0.

Affected Version(s)

TIBCO Nimbus 10.5.0

References

https://www.tibco.com/services/support/advisories

CVSS V3.1

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 6, 2022
Vulnerability Reserved
Sep 26, 2022