23 matches found

RedhatCVE
added 2025/05/22 11:56 p.m. · 10 views

CVE-2022-4313

A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...

CVSS 8.8 · AI score 7.6 · EPSS 0.00762
Exploits: 0 · References: 1

OSV
added 2023/03/15 11:15 p.m. · 2 views

CVE-2022-4313

A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...

CVSS 8.8 · AI score 6
Exploits: 0 · References: 1

Prion
added 2023/03/15 11:15 p.m. · 16 views

Code injection

A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...

CVSS 6.5 · AI score 8.8 · EPSS 0.00762
Exploits: 0 · References: 1 · Affected Software: 2

Cvelist
added 2023/03/15 12:0 a.m. · 17 views

CVE-2022-4313

A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...

AI score 9.1 · EPSS 0.00762
Exploits: 0 · References: 1

Positive Technologies
added 2023/03/15 12:0 a.m. · 3 views

PT-2023-14178 · Tenable · Tenable

Name of the Vulnerable Software and Affected Versions: Tenable products (affected versions not specified). Description: A vulnerability was reported where an authenticated user with Scan Policy Configuration roles in Tenable products could manipulate audit policy variables by modifying the scan...

CVSS 8.8 · AI score 7.6 · EPSS 0.00762
Exploits: 0 · References: 5

Vulnrichment
added 2023/03/15 12:0 a.m. · 8 views

CVE-2022-4313

A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...

AI score 8.9 · EPSS 0.00762
Exploits: 0 · References: 1

CNNVD
added 2023/03/14 12:0 a.m. · 2 views

Tenable Network Security Tenable.Sc and Nessus Security Vulnerability

Tenable Network Security Nessus and Tenable.Sc are both products of Tenable Network Security, U.S.A. Nessus is an open-source system vulnerability scanner. Tenable.Sc is a vulnerability analysis solution that supports real-time vulnerability assessment and...

CVSS 8.8 · AI score 8.4 · EPSS 0.00762
Exploits: 0 · References: 3

Tenable Product Security Advisories
added 2023/03/10 9:28 p.m. · 30 views

[R1] Tenable Plugin Feed ID #202212081952 Fixes Arbitrary Code Execution Vulnerability

Arnie Cabral, Fri, 03/10/2023 - 16:28. Audit files that are built into the Tenable products provide capability to adjust the audit evaluation to meet organizational requirements. A vulnerability was reported where...

CVSS 6.5 · AI score 2.7 · EPSS 0.00762
Exploits: 0

Tenable Nessus
added 2022/11/21 12:0 a.m. · 33 views

SSH Per-Host Command Logging

If the 'Always report SSH commands' advanced preference is selected in the scan policy, this plugin will report all commands run over SSH on the host in a machine readable format.

AI score 5.5
Exploits: 0

Tenable Nessus
added 2022/03/31 12:0 a.m. · 319 views

Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (CVE-2022-22965)

The remote host contains a Spring Framework library version that is prior to 5.2.20 or 5.3.x prior to 5.3.18. It is, therefore, affected by a remote code execution vulnerability: a Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data...

CVSS 9.8 · AI score 8.4 · EPSS 0.94428
Exploits: 100 · References: 4

Tenable Nessus
added 2020/10/15 12:0 a.m. · 413 views

Target Credential Status by Authentication Protocol - Valid Credentials Provided

Nessus was able to determine that valid credentials were provided for an authentication protocol available on the remote target because it was able to successfully authenticate directly to the remote target using that authentication protocol at least once. Authentication was successful because th...

AI score 5.7
Exploits: 0

Tenable Nessus
added 2019/02/22 12:0 a.m. · 926 views

Operating System Unsupported Version Detection in banner reporting (PCI-DSS check)

A service banner response from the remote host indicates an operating system install at a level that indicates the operating system running on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, ...

AI score 6
Exploits: 0

Information Security Automation
added 2019/02/20 10:1 a.m. · 247 views

First look at Tenable.io Web Application Scanner (WAS)

When Tenable first announced a Web Application Security scanner as a part of their new Tenable.io platform, it was quite intriguing. Certainly, they already had some WAS functionality before in Nessus. For example, the path traversal check was pretty good. But this functionality was quite fragmental...

AI score 0.1
Exploits: 0

Information Security Automation
added 2018/12/24 10:36 p.m. · 274 views

New Advanced Dynamic Scan Policy Template in Nessus 8

According to Nessus 8.1.0 release notes, Tenable finally solved the problem with Mixed Plugin groups. At least partially. I will briefly describe the problem. Let's say we found out that some Nessus plugins crash our target systems. This happens rarely, but it happens. So, we decided to disable...

AI score 6.9
Exploits: 0

Tenable Nessus
added 2018/10/02 12:0 a.m. · 1747 views

Target Credential Issues by Authentication Protocol - Intermittent Authentication Failure

Nessus was able to successfully authenticate to the remote host on an authentication protocol at least once using credentials provided in the scan policy. However, one or more plugins failed to authenticate to the remote host on the same port and protocol using the same credential set that was...

AI score 5.6
Exploits: 0

Tenable Nessus
added 2018/08/15 12:0 a.m. · 72 views

Deprecated / Disabled Plugins in Scan Policy - Notice

One or more plugins that were enabled in the scan policy have been either deprecated or disabled by Tenable with a notice to inform customers of the change. See plugin output for details on which plugins enabled in the scan policy have been deprecated or disabled and any other pertinent...

AI score 5.6
Exploits: 0

Tenable Nessus
added 2018/04/03 12:0 a.m. · 49 views

Web Form Sending Credentials Using GET (PCI-DSS check)

The remote web application has a form that sends credentials using an HTTP GET request. This can cause sensitive information such as usernames and passwords to be logged by the server in access logs. Authors of services which use the HTTP protocol SHOULD NOT use GET based forms for the submission...

AI score 5.5
Exploits: 0 · References: 2

Tenable Nessus
added 2017/08/01 12:0 a.m. · 301 views

SSH Commands Ran With Privilege Escalation

The remote host required a privilege escalation in order to run one or more SSH commands, or a privilege escalation was forced by a plugin for one or more SSH commands. Note that this plugin only reports if 'Attempt least privilege' is enabled in the scan policy.

AI score 5.6
Exploits: 0

Kitploit
added 2014/04/30 1:59 a.m. · 11 views

OWASP ZAP v2.3.0 - An easy to use integrated penetration testing tool for finding vulnerabilities in web applications

OWASP Zed Attack Proxy (ZAP): An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing...

AI score 7.8
Exploits: 0

Tenable Nessus
added 2013/02/21 12:0 a.m. · 26 views

Palo Alto Networks PAN-OS Settings

This script initializes the credentials used for Palo Alto Firewall. To set the credentials, edit your scan policy and go to the 'Credentials' section.

AI score 5.4
Exploits: 0