TIBCO Operational Intelligence Hawk Redtail Credential Exposure Vulnerability
CVE-2022-41564

6.8MEDIUM

Key Information:

Vendor: Tibco Software Inc.
Status: Tibco Hawk; Tibco Operational Intelligence Hawk Redtail
Vendor: CVE Published:; 14 February 2023

Summary

The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0 through 6.2.1 and TIBCO Operational Intelligence Hawk RedTail: versions 7.0.0 through 7.2.0.

Affected Version(s)

TIBCO Hawk <= 6.2.1

TIBCO Operational Intelligence Hawk RedTail <= 7.2.0

References

https://www.tibco.com/services/support/advisories

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 14, 2023
Vulnerability Reserved
Sep 26, 2022

Collectors

NVD DatabaseMitre Database