TIBCO Operational Intelligence Hawk Redtail Credential Exposure Vulnerability
CVE-2022-41564

6.5MEDIUM

Key Information:

Vendor: Tibco
Status: Tibco Hawk; Tibco Operational Intelligence Hawk Redtail
Vendor: CVE Published:; 14 February 2023

What is CVE-2022-41564?

The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0 through 6.2.1 and TIBCO Operational Intelligence Hawk RedTail: versions 7.0.0 through 7.2.0.

Affected Version(s)

TIBCO Hawk <= 6.2.1

TIBCO Operational Intelligence Hawk RedTail <= 7.2.0

References

https://www.tibco.com/services/support/advisories

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2023
Vulnerability Reserved
Sep 26, 2022

Tibco

What is CVE-2022-41564?

Affected Version(s)

References

CVSS V3.1

Timeline