Lucene search
TenableCVE-2024-1471HistoryFeb 14, 2024 - 10:15 p.m.
CVE-2024-1471
2024-02-1422:15:47
CWE-20
tenable
web.nvd.nist.gov
16
html injection
security center
administrator privileges
cve-2024-1471
nvd
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
AI Score
5.7
Confidence
High
EPSS
0
Percentile
9.0%
An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks.
CNA Affected
[
{
"defaultStatus": "affected",
"platforms": [
"Linux"
],
"product": "Security Center",
"vendor": "Tenable",
"versions": [
{
"lessThan": "6.3.0",
"status": "affected",
"version": "0",
"versionType": "6.3.0"
}
]
}
]References
Related
vulnrichment
vulnrichment
CVE-2024-1471 HTML Injection Vulnerability
2024-02-14 21:39:59
prion
prion
Design/Logic Flaw
2024-02-14 22:15:00
cvelist
cvelist
CVE-2024-1471 HTML Injection Vulnerability
2024-02-14 21:39:59
nvd
nvd
CVE-2024-1471
2024-02-14 22:15:47
tenable
tenable
[R1] Security Center Version 6.3.0 Fixes Multiple Vulnerabilities
2024-02-14 15:00:35
nessus
nessus
Tenable Security Center < 6.3.0 Multiple Vulnerabilities (TNS-2024-02)
2024-02-15 00:00:00
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
AI Score
5.7
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-1471