Lucene search
K

87 matches found

UbuntuCve
UbuntuCve
added 2021/08/30 6:15 p.m.38 views

CVE-2021-27018

The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source...

7.5CVSS7.1AI score0.00541EPSS
Exploits0References2
Prion
Prion
added 2021/08/30 6:15 p.m.16 views

Design/Logic Flaw

The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source...

4.3CVSS7.4AI score0.00541EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/08/30 5:56 p.m.45 views

CVE-2021-27018

CVE-2021-27018 is a certificate validation flaw where the mechanism validating certificates fails to properly validate certificates signed by an internal CA. Documented impact is that affected clients configured to use Tenable.sc as the vulnerability data source may be unable to validate such cer...

7.5CVSS7.5AI score0.00541EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.43 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.2AI score0.9947EPSS
Exploits97References7
Tenable Nessus
Tenable Nessus
added 2021/07/31 12:0 a.m.86 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.1AI score0.9947EPSS
Exploits97References4
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2021/07/22 6:11 p.m.94 views

[R2] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities

Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution, and in line with best practice, Tenable has upgraded the bundl...

7.5CVSS2.3AI score0.07066EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2021/04/09 12:0 a.m.57 views

Tenable.sc 5.16.0 / 5.17.0 OpenSSL DoS (TNS-2021-06)

According to its self-reported version, the Tenable.sc application installed on the remote host is version 5.16.0 or 5.17.0 and affected by the following OpenSSL denial of service vulnerability: - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from...

5.9CVSS7.7AI score0.62906EPSS
Exploits3References3
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2021/03/31 10:11 p.m.10 views

[R1] Tenable.sc 5.18.0 Fixes One Third-party Vulnerability

Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgra...

7.1AI score
Exploits0
NVD
NVD
added 2021/03/03 5:15 p.m.14 views

CVE-2021-20076

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution RCE on the Tenable.sc server via Hypertext Preprocessor unserialization...

8.8CVSS0.01985EPSS
Exploits0References1
Prion
Prion
added 2021/03/03 5:15 p.m.20 views

Remote code execution

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution RCE on the Tenable.sc server via Hypertext Preprocessor unserialization...

6.5CVSS8.9AI score0.01985EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/03 4:30 p.m.23 views

CVE-2021-20076

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution RCE on the Tenable.sc server via Hypertext Preprocessor unserialization...

9.3AI score0.01985EPSS
Exploits0References1
CVE
CVE
added 2021/03/03 4:30 p.m.74 views

CVE-2021-20076

CVE-2021-20076 affects Tenable.sc and Tenable.sc Core versions 5.13.0–5.17.0. The vulnerability allows an authenticated, unprivileged user to achieve Remote Code Execution on the Tenable.sc server through PHP unserialization. The available connected documentation consistently describes the issue ...

8.8CVSS8.9AI score0.01985EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/03/03 12:0 a.m.4 views

Tenable.sc 代码问题漏洞

Tenable Network Security Tenable.Sc is a vulnerability analysis solution from Tenable Network Security, USA. The product supports real-time vulnerability assessment and management, among other things. A security vulnerability exists in Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0...

8.8CVSS8.2AI score0.01985EPSS
Exploits0References3
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2021/03/01 11:7 p.m.16 views

[R2] Stand-alone Security Patches Available for Tenable.sc versions 5.13.0 to 5.17.0

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution RCE on the Tenable.sc server via Hypertext Preprocessor unserialization. Additionally, one third-party componen...

7.6AI score
Exploits0
NVD
NVD
added 2020/12/21 6:15 p.m.15 views

CVE-2020-5808

In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration...

7.5CVSS7.4AI score0.01098EPSS
Exploits0References1
Prion
Prion
added 2020/12/21 6:15 p.m.21 views

Default configuration

In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration...

5CVSS7.4AI score0.01098EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/12/21 5:45 p.m.64 views

CVE-2020-5808

Technical details about CVE-2020-5808 are not publicly provided in the supplied connected documents. Monitor for updates from the listed sources (Red Hat, NVD, NSTG/NESSUS plugin) for concrete affected products, versions, and fixes.

7.5CVSS7.4AI score0.01098EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/12/21 5:45 p.m.19 views

CVE-2020-5808

In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration...

7.4AI score0.01098EPSS
Exploits0References1
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2020/12/21 2:54 p.m.42 views

[R1] Tenable.sc 5.17.0 Fixes Multiple Vulnerabilities

Tenable.sc leverages third-party software to help provide underlying functionality. Two separate third-party components jQuery and OpenSSL were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable...

7.2AI score
Exploits0
NVD
NVD
added 2020/04/17 7:15 p.m.23 views

CVE-2020-5737

Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue...

5.4CVSS5.7AI score0.00622EPSS
Exploits0References1
Rows per page
Query Builder