Path Traversal in Tibco Jasperreports_library
CVE-2022-22771
The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveM…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.021 (79.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Tibco Jasperreports_library — versions 7.9.0
- Tibco Jasperreports_server — versions 7.9.0, 7.9.1
- Tibco Software Inc. Jasperreports Library — versions 7.9.0
- Tibco Software Inc. Jasperreports Library For Activematrix Bpm — versions 7.9.0
- Tibco Software Inc. Jasperreports Server — versions 7.9.0, 7.9.1
- Tibco Software Inc. Jasperreports Server For Activematrix Bpm — versions 7.9.0, 7.9.1
- Tibco Software Inc. Jasperreports Server For Aws Marketplace — versions 7.9.0, 7.9.1
- Tibco Software Inc. Jasperreports Server For Microsoft Azure — versions 7.9.1
Weakness classification (CWE)
References
- security@tibco.com (x_refsource_CONFIRM, Vendor Advisory)
- security@tibco.com (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2022-22771?
- CVE-2022-22771 is a high-severity vulnerability in Tibco Jasperreports_library, classified under Path Traversal. CVSS score: 8.8/10. Published 2022-03-15.
- How severe is CVE-2022-22771?
- High severity. CVSS v3 base score is 8.8 out of 10.