Lucene search
TenableCVELIST:CVE-2024-0955HistoryFeb 06, 2024 - 11:34 p.m.
CVE-2024-0955 Stored XSS vulnerability
2024-02-0623:34:19
CWE-20
tenable
www.cve.org
3
nessus
xss
vulnerability
proxy settings
remote execution
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
17.0%
A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.
CNA Affected
[
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"Linux",
"MacOS"
],
"product": "Nessus",
"vendor": "Tenable",
"versions": [
{
"lessThan": "10.7.0",
"status": "affected",
"version": "0",
"versionType": "10.7.0"
}
]
}
]References
Related
cve
cve
CVE-2024-0955
2024-02-07 00:15:55
vulnrichment
vulnrichment
CVE-2024-0955 Stored XSS vulnerability
2024-02-06 23:34:19
nvd
nvd
CVE-2024-0955
2024-02-07 00:15:55
prion
prion
Cross site scripting
2024-02-07 00:15:00
tenable
tenable
[R1] Nessus Version 10.7.0 Fixes Multiple Vulnerabilities
2024-02-06 16:07:31
openvas
openvas
Tenable Nessus Multiple Vulnerabilities (TNS-2024-01)
2024-02-07 00:00:00
nessus
nessus
Tenable Nessus < 10.7.0 Multiple Vulnerabilities (TNS-2024-01)
2024-02-07 00:00:00
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for CVELIST:CVE-2024-0955