A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly.
[
{
"vendor": "n/a",
"product": "Tenable.sc",
"versions": [
{
"version": "Tenable.sc versions 5.23.1 and earlier",
"status": "affected"
}
]
}
]