Vulnerabilities > CVE-2022-30574 - Unspecified vulnerability in Tibco Eftl and FTL

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

tibco

NVD

Published: 2022-08-09

Updated: 2022-08-11

Summary

The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, TIBCO eFTL - Enterprise Edition, and TIBCO eFTL - Enterprise Edition contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to obtain user credentials to the affected system. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL - Enterprise Edition: versions 6.0.0 through 6.7.3, TIBCO FTL - Enterprise Edition: version 6.8.0, TIBCO eFTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO eFTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO eFTL - Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO eFTL - Enterprise Edition: version 6.8.0.

Vulnerable Configurations

Part	Description	Count
Application	Tibco Tibco FTL 6.0.0 Tibco FTL 6.0.1 Tibco FTL 6.1.0 Tibco FTL 6.2.0 Tibco FTL 6.3.0 Tibco FTL 6.3.1 Tibco FTL 6.4.0 Tibco FTL 6.5.0 Tibco FTL 6.6.0 Tibco FTL 6.6.1 Tibco FTL 6.7.0 Tibco FTL 6.8.0 Tibco Eftl 6.2.0 Tibco Eftl 6.3.0 Tibco Eftl 6.3.1 Tibco Eftl 6.4.0 Tibco Eftl 6.5.0 Tibco Eftl 6.6.0 Tibco Eftl 6.6.1 Tibco Eftl 6.7.0 Tibco Eftl 6.8.0	58

Summary

Vulnerable Configurations

References