Security Advisory regarding TIBCO AuditSafe
Article ID: KB0107985
Updated On:
| Products | Versions |
|---|---|
| TIBCO AuditSafe | 1.1.0 |
Description
TIBCO AuditSafe API Authentication vulnerability
Original release date: February 15, 2022
Last revised: ---
Source: TIBCO Software Inc.
Products Affected
TIBCO AuditSafe versions 1.1.0 and below
The following component is affected:
* Web Server
Impact
In the worst case, if the victim is a privileged administrator, successful
execution of these vulnerabilities can result in an attacker gaining full
administrative access to the API methods of the affected system.
CVSS v3 Base Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Environment
Products Affected
TIBCO AuditSafe versions 1.1.0 and below
The following component is affected:
* Web Server
Resolution
TIBCO has released updated versions of the affected systems which address this
issue:
TIBCO AuditSafe versions 1.1.0 and below update to version 1.1.1 or later
issue:
TIBCO AuditSafe versions 1.1.0 and below update to version 1.1.1 or later
Issue/Introduction
Security Advisory regarding TIBCO AuditSafe API Authentication vulnerability
Additional Information
https://www.tibco.com/services/support/advisories
CVE-2022-22770
CVE-2022-22770
Feedback
Yes
No
Powered by
