CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-26219 – TIBCO Operational Intelligence Hawk RedTail Credential Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2023-26219
24 Oct 2023 — The Hawk Console and Hawk Agent components of TIBCO Software Inc.'s TIBCO Hawk, TIBCO Hawk Distribution for TIBCO Silver Fabric, TIBCO Operational Intelligence Hawk RedTail, and TIBCO Runtime Agent contain a vulnerability that theoretically allows an attacker with access to the Hawk Console’s and Agent’s log to obtain credentials used to access associated EMS servers. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.2.2 and below, TIBCO Hawk Distribution for TIBCO Silver Fabric: versions 6... • https://www.tibco.com/services/support/advisories • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3020
https://notcve.org/view.php?id=CVE-2021-3020
25 Aug 2022 — An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive "shell" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root. Se ha detectado un problema en ClusterLabs Hawk (también se ... • https://bugzilla.suse.com/show_bug.cgi?id=1180571 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29167 – ReDoS vulnerability in header parsing in hawk
https://notcve.org/view.php?id=CVE-2022-29167
05 May 2022 — Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse `Host` HTTP header (`Hawk.utils.parseHost()`), which was subject to regular expression DoS attack - meaning each added character in the attacker's input increases the computation time exponentially. `parseHost()` was patched... • https://github.com/mozilla/hawk/pull/286 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 10.0EPSS: 13%CPEs: 2EXPL: 0CVE-2020-35458
https://notcve.org/view.php?id=CVE-2020-35458
12 Jan 2021 — An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id parameter in the login_from_cookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser. Se detectó un problema en ClusterLabs Hawk versiones 2.x hasta 2.3.0-x. Se presenta un problema de inyección de código de shell Ruby por medio del parámetro hawk_remember_me_id en la cookie login_from_cookie. • http://www.openwall.com/lists/oss-security/2021/01/12/3 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 5%CPEs: 22EXPL: 0CVE-2008-3338
https://notcve.org/view.php?id=CVE-2008-3338
13 Aug 2008 — Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk before 4.8.1; Runtime Agent (TRA) before 5.6.0; iProcess Engine 10.3.0 through 10.6.2 and 11.0.0; and Mainframe Service Tracker before 1.1.0 might allow remote attackers to execute arbitrary code via a crafted message. Múltiples desbordamientos de búfer en TIBCO Hawk (1) la librería AMI C (libtibhawkami) y (2) Hawk HMA (tibhawkhma), como se usan en TIBCO Hawk antes de 4.8.1; Runtime... • http://secunia.com/advisories/31618 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 11%CPEs: 19EXPL: 0CVE-2008-1703
https://notcve.org/view.php?id=CVE-2008-1703
11 Apr 2008 — Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message. Múltiples desbordamientos de búfer en TIBCO Software Rendezvous anterior a 8.1.0., utilizado en múltiples productos TIBCO,permitena atacantes remotos ejecutar código de su elección mediante un mensaje manipulado. • http://secunia.com/advisories/29774 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •