Vulnerability Description
The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with network access to execute arbitrary code on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX: versions 8.1.0 and below and TIBCO Managed File Transfer Platform Server for z/Linux: versions 8.1.0 and below.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Managed File Transfer Platform Server | < 8.1.1 |
| Ibm | Z Linux | - |
| Opengroup | Unix | - |
References
- https://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2022/03/tibco-security-advisory-march-3Vendor Advisory
- https://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2022/03/tibco-security-advisory-march-3Vendor Advisory
FAQ
What is CVE-2022-22772?
CVE-2022-22772 is a vulnerability with a CVSS score of 8.5 (HIGH). The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficu...
How severe is CVE-2022-22772?
CVE-2022-22772 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22772?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Managed File Transfer Platform Server, Ibm Z Linux, Opengroup Unix.