3 matches found
CVE-2023-0476
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection...
CVE-2023-0476
CVE-2023-0476 is an LDAP injection vulnerability in Tenable.sc caused by improper validation of user input. An authenticated attacker could use the application account to generate data in Active Directory via blind LDAP injection. Affected product is Tenable.sc (vulnerable at least before 6.0.0)....
[R2] Tenable.sc 6.0.0 Fixes Multiple Vulnerabilities
R2 Tenable.sc 6.0.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 01/24/2023 - 11:16 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components libcurl was found to contain vulnerabilities, and updated versions have been made available...