What is CVE-2022-30572?

CVE-2022-30572 is a Directory Traversal vulnerability in the iWay Service Manager Console component of TIBCO iWay Service Manager.

How severe is CVE-2022-30572?

CVE-2022-30572 has a severity rating of 6.5 out of 10, which is classified as medium severity.

What is affected by CVE-2022-30572?

TIBCO iWay Service Manager versions up to and excluding 8.0.7 are affected by CVE-2022-30572.

How can an attacker exploit CVE-2022-30572?

An attacker with low privileges and network access can exploit CVE-2022-30572 to read arbitrary resources on the affected system.

Are there any references for CVE-2022-30572?

Yes, you can refer to the following links for more information: [TIBCO Advisory](https://www.tibco.com/services/support/advisories) and [TIBCO Security Advisory](https://www.tibco.com/support/advisories/2022/07/tibco-security-advisory-august-2-2022-tibco-iway-sm-cve-2022-30572).

Vulnerability/
CVE-2022-30572

medium

6.5

CWE

2/8/2022

3/8/2024

CVE-2022-30572: TIBCO iWay Service Manager Directory Traversal Vulnerability

First published: Tue Aug 02 2022(Updated: )

The iWay Service Manager Console component of TIBCO Software Inc.'s TIBCO iWay Service Manager contains an easily exploitable Directory Traversal vulnerability that allows a low privileged attacker with network access to read arbitrary resources on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO iWay Service Manager: versions 8.0.6 and below.

Credit: security@tibco.com

Affected Software	Affected Version	How to fix
TIBCO iWay Service Manager	<8.0.7

Remedy

TIBCO has released updated versions of the affected components which address these issues. TIBCO iWay Service Manager versions 8.0.6 and below: update to version 8.0.7 or later

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-30572?
CVE-2022-30572 is a Directory Traversal vulnerability in the iWay Service Manager Console component of TIBCO iWay Service Manager.
How severe is CVE-2022-30572?
CVE-2022-30572 has a severity rating of 6.5 out of 10, which is classified as medium severity.
What is affected by CVE-2022-30572?
TIBCO iWay Service Manager versions up to and excluding 8.0.7 are affected by CVE-2022-30572.
How can an attacker exploit CVE-2022-30572?
An attacker with low privileges and network access can exploit CVE-2022-30572 to read arbitrary resources on the affected system.
Are there any references for CVE-2022-30572?
Yes, you can refer to the following links for more information: [TIBCO Advisory](https://www.tibco.com/services/support/advisories) and [TIBCO Security Advisory](https://www.tibco.com/support/advisories/2022/07/tibco-security-advisory-august-2-2022-tibco-iway-sm-cve-2022-30572).

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/severity
agent/remedy
agent/last-modified-date
agent/title
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/tibco
canonical/tibco iway service manager

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.