← voltar
CVE-2022-30571

TIBCO iWay Service Manager Reflected Cross Site Scripting (XSS) Vulnerability

CVSS 8.1 HIGHEPSS 0.4%
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8.1EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
02 ago 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The iWay Service Manager Console component of TIBCO Software Inc.'s TIBCO iWay Service Manager contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO iWay Service Manager: versions 8.0.6 and below.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Produtos afetados
TIBCO Software Inc. · TIBCO iWay Service Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.tibco.com/services/support/advisorieshttps://www.tibco.com/support/advisories/2022/07/tibco-security-advisory-august-2-2022-tibco-iway-sm-cve-2022-30571