CVE-2022-41559

CRITICAL Year: 2022
CVSS v3 Score
9.3
Critical
Weakness Type
CWE-601
View all →

Vulnerability Description

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Nimbus: version 10.5.0.

Related Vulnerabilities

CVE-2017-8989

CRITICAL
CVSS:9.1(Critical)

A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.

CWE-6012017

CVE-2024-33661

CRITICAL
CVSS:9.1(Critical)

Portainer before 2.20.0 allows redirects when the target is not index.yaml.

CWE-6012024

CVE-2022-40083

CRITICAL
CVSS:9.6(Critical)

Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery ...

CWE-6012022

CVE-2016-9078

HIGH
CVSS:8.8(High)

Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it load...

CWE-6012016

CVE-2017-1000117

HIGH
CVSS:8.8(High)

A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such...

CWE-6012017

CVE-2017-1156

HIGH
CVSS:8.8(High)

IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attack...

CWE-6012017