Lucene search
PRIOn knowledge basePRION:CVE-2023-24493HistoryJan 26, 2023 - 9:18 p.m.
Design/Logic Flaw
2023-01-2621:18:00
PRIOn knowledge base
www.prio-n.com
5
vulnerability
tenable.sc
formula injection
authenticated attacker
exported reports
victim approval
A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could leverage the reporting system to export reports containing formulas, which would then require a victim to approve and execute on a host.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tenable.sc | le | 5.23.1 |
References
Related
cve
cve
CVE-2023-24493
2023-01-26 21:18:19
cvelist
cvelist
CVE-2023-24493
2023-01-25 00:00:00
nvd
nvd
CVE-2023-24493
2023-01-26 21:18:19
tenable
tenable
[R2] Tenable.sc 6.0.0 Fixes Multiple Vulnerabilities
2023-01-24 16:16:30
nessus
nessus
Tenable SecurityCenter < 6.0.0 Multiple Vulnerabilities (TNS-2023-03)
2023-01-27 00:00:00