Unknown
CVE-2022-22769
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2022-22769
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
The Web server component of TIBCO Software Inc.’s TIBCO EBX, TIBCO EBX, TIBCO EBX, TIBCO EBX Add-ons, TIBCO EBX Add-ons, TIBCO EBX Add-ons, and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO EBX: versions 5.8.124 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, 5.9.14, and 5.9.15, TIBCO EBX: versions 6.0.0, 6.0.1, 6.0.2, and 6.0.3, TIBCO EBX Add-ons: versions 3.20.18 and below, TIBCO EBX Add-ons: versions 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, and 4.5.6, TIBCO EBX Add-ons: versions 5.0.0, 5.0.1, 5.1.0, 5.1.1, and 5.2.0, and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.1.0 and below.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- ebx,
- ebx 5.9.10,
- ebx 5.9.11,
- ebx 5.9.12,
- ebx 5.9.13,
- ebx 5.9.14,
- ebx 5.9.15,
- ebx 5.9.3,
- ebx 5.9.4,
- ebx 5.9.5,
- ebx 5.9.6,
- ebx 5.9.7,
- ebx 5.9.8,
- ebx 5.9.9,
- ebx 6.0.0,
- ebx 6.0.1,
- ebx 6.0.2,
- ebx 6.0.3,
- ebx add-ons,
- ebx add-ons 4.1.0,
- ebx add-ons 4.2.0,
- ebx add-ons 4.2.1,
- ebx add-ons 4.2.2,
- ebx add-ons 4.3.0,
- ebx add-ons 4.3.1,
- ebx add-ons 4.3.2,
- ebx add-ons 4.3.3,
- ebx add-ons 4.3.4,
- ebx add-ons 4.4.0,
- ebx add-ons 4.4.1,
- ebx add-ons 4.4.2,
- ebx add-ons 4.4.3,
- ebx add-ons 4.5.0,
- ebx add-ons 4.5.1,
- ebx add-ons 4.5.2,
- ebx add-ons 4.5.3,
- ebx add-ons 4.5.4,
- ebx add-ons 4.5.5,
- ebx add-ons 4.5.6,
- ebx add-ons 5.0.0,
- ebx add-ons 5.0.1,
- ebx add-ons 5.1.0,
- ebx add-ons 5.1.1,
- ebx add-ons 5.2.0,
- product and service catalog powered by tibco ebx
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
