22 matches found
EUVD-2016-10072
Malware in sbrugna...
Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)
The version of Tenable Log Correlation Engine LCE installed on the remote host is prior to 6.0.9. It is, therefore, affected by multiple vulnerabilities: - Multiple denial of service vulnerabilities in the included OpenSSL component. CVE-2019-1551, CVE-2020-1967, CVE-2020-1971, CVE-2021-3449,...
[R1] LCE 6.0.9 Fixes Multiple Third-party Vulnerabilities
Tenable Log Correlation Engine leverages third-party software to help provide underlying functionality. Two separate third-party components OpenSSL, jQuery were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good...
Tenable Log Correlation Engine (LCE) < 5.1.1 (TNS-2018-13)
The version of Tenable Log Correlation Engine LCE installed on the remote host is a version prior to 5.1.1. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the bundled third-party component OpenSSL library's key handling during a TLS handshake that causes a denial of...
[R1] LCE 5.1.1 Fixes Multiple Third-party Vulnerabilities
Log Correlation Engine leverages third-party software to help provide underlying functionality. One third-party component OpenSSL was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to...
[R1] LCE 5.1.1 Fixes Multiple Third-party Vulnerabilities
Log Correlation Engine leverages third-party software to help provide underlying functionality. One third-party component OpenSSL was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to...
[R1] LCE 5.0.1 Fixes Two Third-party Library Vulnerabilities
Log Correlation Engine LCE 5.0.0 is impacted by multiple vulnerabilities reported in a third-party library and an encryption algorithm. LCE was errantly using 3DES on TCP port 1243. The following vulnerabilities have been resolved with the updated libraries...
Tenable Log Correlation Engine (LCE) < 4.8.1 Multiple Vulnerabilities
The version of Tenable Log Correlation Engine LCE installed on the remote host is prior to 4.8.1. It is, therefore, affected by the following vulnerabilities : - Multiple cross-site scripting XSS vulnerabilities exist in the Handlebars library in the lib/handlebars/utils.js script due to a failur...
Tenable Log Correlation Engine Cross-Site Scripting Vulnerability
Tenable Log Correlation Engine a.k.a. LCE is a log correlation engine that provides log analysis and event monitoring from Tenable Network Security. A cross-site scripting vulnerability exists in versions of Tenable LCE prior to 4.8.1. A remote attacker can exploit this vulnerability to execute...
CVE-2016-9261
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-9261
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-9261
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-9261
Tenable Log Correlation Engine (LCE) is affected in versions prior to 4.8.1 by cross-site scripting (XSS) vulnerabilities. The Nessus plugin aggregates multiple CVEs affecting LCE, including CVE-2016-9261, describing a vulnerability where an authenticated, remote attacker can inject arbitrary web...
Tenable Log Correlation Engine (LCE) < 4.8.0 Libxml2 DoS
The version of Tenable Log Correlation Engine LCE installed on the remote host is a version prior to 4.8.0. It is, therefore, affected by a denial of service vulnerability in the bundled version of Libxml2 due to an infinite loop condition in the xzdecomp function. An unauthenticated, remote...
Tenable Log Correlation Engine (LCE) Client Installed (macOS credentialed check)
Binary data lceclientinstalledmacosx.nbin...
Tenable Log Correlation Engine Client for Mac OS X SEoL
According to its version, the installation of the Tenable Log Correlation Engine LCE Client for Mac OS X on the remote host is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is...
Tenable Log Correlation Engine Client SEoL
According to its version, the installation of the Tenable Log Correlation Engine LCE Client on the remote host is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to conta...
Tenable Log Correlation Engine Client for Windows SEoL
According to its version, the installation of the Tenable Log Correlation Engine LCE Client for Windows on the remote host is is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is...
Tenable Log Correlation Engine (LCE) Unix / Linux Client Installed (credentialed check)
Binary data lceclientinstalledunix.nbin...