Lucene search
HistoryFeb 07, 2024 - 12:15 a.m.
CVE-2024-0955
nessus
xss
vulnerability
remote
execution
scripts
administrator
privileges
proxy settings
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
17.0%
A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.
Affected configurations
Node
tenablenessusRange<10.7.0
References
Related
cve
cve
CVE-2024-0955
2024-02-07 00:15:55
cvelist
cvelist
CVE-2024-0955 Stored XSS vulnerability
2024-02-06 23:34:19
vulnrichment
vulnrichment
CVE-2024-0955 Stored XSS vulnerability
2024-02-06 23:34:19
prion
prion
Cross site scripting
2024-02-07 00:15:00
tenable
tenable
[R1] Nessus Version 10.7.0 Fixes Multiple Vulnerabilities
2024-02-06 16:07:31
openvas
openvas
Tenable Nessus Multiple Vulnerabilities (TNS-2024-01)
2024-02-07 00:00:00
nessus
nessus
Tenable Nessus < 10.7.0 Multiple Vulnerabilities (TNS-2024-01)
2024-02-07 00:00:00
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for NVD:CVE-2024-0955