CVE-2024-10217 & CVE-2024-10218: TIBCO Hawk Faces Critical Security Risks
TIBCO, a prominent provider of enterprise integration and management software, has issued urgent security advisories addressing two critical vulnerabilities affecting its Operational Intelligence Hawk platform. These flaws, identified as CVE-2024-10217 and CVE-2024-10218, both carry a CVSSv4 score of 9.2, placing them in the critical severity range.
TIBCO Operational Intelligence Hawk is a widely used solution for monitoring and managing distributed applications and systems. System administrators rely on it to track performance, identify issues, and automate responses. However, these newly disclosed vulnerabilities introduce significant security risks.
CVE-2024-10217 is a Stored Cross-Site Scripting (XSS) vulnerability. According to TIBCO’s advisory, this flaw “allows the author of a malicious .mar file to perform an XSS attack.” This means attackers could inject malicious scripts into Hawk, potentially compromising user accounts and gaining unauthorized access to sensitive information.
CVE-2024-10218 is a Stored XML External Entity (XXE) vulnerability. This vulnerability “allows the author of a malicious .mar file to read sensitive files on the host system.” Attackers could exploit this flaw to access confidential data, configuration files, or other sensitive information stored on the server.
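To make the XXE class concrete from the defender's side, here is an added Python example (not TIBCO's code; the page does not describe Hawk's actual .mar format or parser, so the manifest shape and file path are constructed) showing how a consumer of untrusted XML refuses DOCTYPE declarations and disables external entity resolution, so a SYSTEM entity naming a host file is never read:

```python
import io
import re
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges, feature_external_pes

# Constructed sample (hypothetical manifest, not Hawk's real .mar layout): the
# DOCTYPE declares an external entity naming a host file and <description>
# references it, so a resolving parser would splice that file into the text.
HOSTILE_XML = b"""<?xml version="1.0"?>
<!DOCTYPE agent [ <!ENTITY leak SYSTEM "file:///some/host/file"> ]>
<agent name="demo"><description>&leak;</description></agent>
"""

# Constructed benign manifest with no DOCTYPE at all.
BENIGN_XML = b"""<?xml version="1.0"?>
<agent name="demo"><description>plain text</description></agent>
"""

DOCTYPE_RE = re.compile(rb"<!DOCTYPE", re.IGNORECASE)


class _TextCollector(ContentHandler):
    def __init__(self):
        super().__init__()
        self.parts = []  # character data seen by the parser

    def characters(self, content):
        self.parts.append(content)


def parse_untrusted_xml(data: bytes, reject_doctype: bool = True) -> str:
    """Parse XML from an untrusted archive member and return its text content.

    Layer 1 refuses any document carrying a DOCTYPE (a manifest never needs
    one, and that is where entity declarations live). Layer 2 tells expat not
    to fetch external general or parameter entities, so even if a DOCTYPE is
    let through, a SYSTEM entity is skipped rather than read from disk.
    """
    if reject_doctype and DOCTYPE_RE.search(data):
        raise ValueError("DOCTYPE not allowed in untrusted XML")
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, False)  # no external general entities
    parser.setFeature(feature_external_pes, False)  # no external parameter entities
    collector = _TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(data))
    return "".join(collector.parts)


def is_rejected(data: bytes) -> bool:
    """True when the strict path (layer 1) refuses the document outright."""
    try:
        parse_untrusted_xml(data)
        return False
    except ValueError:
        return True
```

With `reject_doctype=False` the hostile sample still parses to an empty description, because the disabled external-entity feature makes expat skip the SYSTEM entity instead of opening the file.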
Both vulnerabilities affect a range of TIBCO Hawk versions, including 6.2.0 through 6.3.0 and Operational Intelligence Hawk versions 7.2.0 through 7.2.2. TIBCO has released updated versions to address these issues and urges users to upgrade immediately.
The company advises users of TIBCO Hawk versions 6.2.0 to 6.2.4 to update to version 6.2.5 or later. Users of TIBCO Hawk version 6.3.0 should update to 6.3.1 or later. For TIBCO Operational Intelligence Hawk, versions 7.2.0 to 7.2.2 should be updated to 7.3.0 or later.
At this time, there are no reports of these vulnerabilities being actively exploited in the wild. However, given their severity, it is crucial for organizations using TIBCO Operational Intelligence Hawk to take immediate action and apply the necessary updates to protect their systems and data.