Lucene search
K

96 matches found

Tenable Nessus
Tenable Nessus
added 2021/09/03 12:0 a.m.93 views

Tenable SecurityCenter < 5.19.0 Multiple XSS Vulnerabilities (TNS-2021-14)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is less than 5.19.0 and is therefore affected by multiple vulnerabilities in the following components: - Bootstrap - SimpleSAML Note that successful exploitation of the most serious issues...

6.9CVSS6.8AI score0.99019EPSS
Exploits12References8
Tenable Nessus
Tenable Nessus
added 2021/04/01 12:0 a.m.65 views

Tenable SecurityCenter 5.13.x < 5.18.0 DoS (TNS-2021-06)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is version 5.13.x 5.18.0 and affected by the following OpenSSL denial of service vulnerability: - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello...

5.9CVSS7.7AI score0.62906EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2021/03/19 12:0 a.m.47 views

Tenable SecurityCenter 5.9.x to 5.12.x SimpleSAMLPHP Privilege Escalation (TNS-2020-01)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is 5.9.x, 5.10.x, 5.11.x or 5.12.x. It is, therefore, affected by a privilege escalation vulnerability due to incorrect validation of cryptographic signatures in XML messages in the...

8.8CVSS7.8AI score0.03024EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/05 12:0 a.m.75 views

Tenable SecurityCenter 5.16.x / 5.17.0 Multiple Vulnerabilities (TNS-2021-03)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is in the 5.16.0 - 5.17.0 version range. It is, therefore, affected by multiple vulnerabilities in a third-party component OpenSSL. Updated versions have been made available by the provider...

7.5CVSS6.5AI score0.50732EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/03/03 12:0 a.m.61 views

Tenable SecurityCenter 5.13.0 - 5.17.0 Remote Code Execution (TNS-2021-03)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is in the 5.13.0 through 5.17.0 version range. Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated,...

8.8CVSS8.1AI score0.01985EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/19 12:0 a.m.43 views

Tenable SecurityCenter < 5.14.0 Multiple Vulnerabilities (TNS-2020-02)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is earlier than 5.14.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues nor the stand-alone patch but has instead relied only on the...

6.1CVSS6.9AI score0.87218EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2020/12/23 12:0 a.m.89 views

Tenable SecurityCenter < 5.17.0 Multiple Vulnerabilities (TNS-2020-11)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is earlier than 5.17.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues nor the stand-alone patch but has instead relied only on the...

7.5CVSS6.9AI score0.99019EPSS
Exploits12References6
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.49 views

Tenable SecurityCenter < 5.8.0 Multiple Vulnerabilities (TNS-2018-15)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is 5.7.1 or earlier. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues nor the stand-alone patch but has instead relied only on the...

7.5CVSS7.2AI score0.13809EPSS
Exploits4References8
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2018/11/06 11:14 p.m.16 views

[R2] SecurityCenter 5.8.0 Fixes Multiple Third-Party Vulnerabilities

SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components Apache Xalan and Serializer were found to contain vulnerabilities, and updated versions have been made available by the providers...

7.1AI score
Exploits0
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2018/11/06 11:14 p.m.481 views

[R2] SecurityCenter 5.8.0 Fixes Multiple Third-Party Vulnerabilities

SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components Apache Xalan and Serializer were found to contain vulnerabilities, and updated versions have been made available by the providers...

3.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/09/24 12:0 a.m.70 views

Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.7.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported...

9.8CVSS6.5AI score0.87606EPSS
Exploits5References12
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2018/09/12 8:36 p.m.483 views

[R1] SecurityCenter 5.7.1 Fixes Multiple Third-Party Vulnerabilities

SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components PHP and OpenSSL were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable...

2.2AI score
Exploits0
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2018/09/12 8:36 p.m.11 views

[R1] SecurityCenter 5.7.1 Fixes Multiple Third-Party Vulnerabilities

SecurityCenter leverages third-party software to help provide underlying functionality. Two separate third-party components PHP and OpenSSL were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/08/16 12:0 a.m.31 views

Tenable SecurityCenter < 5.7.0 Multiple Vulnerabilites (TNS-2018-11)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is affected by multiple vulnerabilities: - In SecurityCenter versions prior to 5.7.0, a username enumeration issue could allow an unauthenticated attacker to automate the discovery of...

8.8CVSS6.3AI score0.00673EPSS
Exploits0References3
NVD
NVD
added 2018/08/02 7:29 p.m.26 views

CVE-2018-1155

In SecurityCenter versions prior to 5.7.0, a cross-site scripting XSS issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. Properly updated input validation techniques have been implemented to correct this issue...

5.4CVSS6AI score0.00569EPSS
Exploits0References2
Prion
Prion
added 2018/08/02 7:29 p.m.19 views

Cross site scripting

In SecurityCenter versions prior to 5.7.0, a cross-site scripting XSS issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. Properly updated input validation techniques have been implemented to correct this issue...

3.5CVSS5.3AI score0.00569EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/08/02 7:29 p.m.20 views

Code injection

In SecurityCenter versions prior to 5.7.0, a username enumeration issue could allow an unauthenticated attacker to automate the discovery of username aliases via brute force, ultimately facilitating unauthorized access. Server response output has been unified to correct this issue...

3.3CVSS8.5AI score0.00673EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/08/02 7:29 p.m.30 views

CVE-2018-1154

In SecurityCenter versions prior to 5.7.0, a username enumeration issue could allow an unauthenticated attacker to automate the discovery of username aliases via brute force, ultimately facilitating unauthorized access. Server response output has been unified to correct this issue...

8.8CVSS8.7AI score0.00673EPSS
Exploits0References2
OSV
OSV
added 2018/08/02 7:29 p.m.4 views

CVE-2018-1155

In SecurityCenter versions prior to 5.7.0, a cross-site scripting XSS issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. Properly updated input validation techniques have been implemented to correct this issue...

5.4CVSS5.7AI score0.00569EPSS
Exploits0References2
CVE
CVE
added 2018/08/02 7:0 p.m.55 views

CVE-2018-1154

The CVE-2018-1154 issue affects SecurityCenter prior to version 5.7.0, where an unauthenticated attacker could enumerate username aliases by brute-forcing responses, potentially leading to unauthorized access. The issue’s root cause is a username enumeration mechanism; mitigation configured in th...

8.8CVSS8.5AI score0.00673EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder