CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-30571

The iWay Service Manager Console component of TIBCO Software Inc.'s TIBCO iWay Service Manager contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO iWay Service Manager: versions 8.0.6 and below.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.6%

CVSS Severity

CVSS v3 Score 8.1

References

https://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2022/07/tibco-security-advisory-august-2-2022-tibco-iway-sm-cve-2022-30571
https://www.tibco.com/services/support/advisories
https://www.tibco.com/support/advisories/2022/07/tibco-security-advisory-august-2-2022-tibco-iway-sm-cve-2022-30571

Products affected by CVE-2022-30571

Tibco » Iway Service Manager » Version: N/A

cpe:2.3:a:tibco:iway_service_manager:-
Tibco » Iway Service Manager » Version: 8.0.6

cpe:2.3:a:tibco:iway_service_manager:8.0.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-30571

Products

Pricing

Contact Us