The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute Cross-Site Request Forgery (CSRF) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below.
References
Link | Resource |
---|---|
https://www.tibco.com/services/support/advisories | Vendor Advisory |
https://www.tibco.com/support/advisories/2022/05/tibco-security-advisory-may-18-2022-tibco-bctcm-cve-2022-22778 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: tibco
Published: 2022-05-18T00:00:00
Updated: 2022-05-18T17:06:16
Reserved: 2022-01-07T00:00:00
Link: CVE-2022-22778
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-18T17:15:08.580
Modified: 2022-05-31T13:20:39.243
Link: CVE-2022-22778
JSON object: View
Redhat Information
No data.
CWE