CVE-2022-41564 MEDIUM

CVE-2022-41564: TIBCO Operational Intelligence Hawk Redtail Credential Exposure Vulnerability

Vendor Tibco Software Inc.

Product TIBCO Hawk

Published February 14, 2023

Last update March 20, 2025

View on NVD All CVEs

CVSS base score

6.8/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0 through 6.2.1 and TIBCO Operational Intelligence Hawk RedTail: versions 7.0.0 through 7.2.0.

Key dates

02Disclosure timeline

February 14, 2023 CVE published

March 20, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-41564

Identifiers

CVE CVE-2022-41564

CVSS 6.8 / MEDIUM

Affected versions

Vendor Tibco Software Inc.

Product TIBCO Hawk

Affected ≥ unspecified and ≤ 6.2.1

Vendor Tibco Software Inc.

Product TIBCO Operational Intelligence Hawk RedTail

Affected ≥ unspecified and ≤ 7.2.0