Lucene search

5 matches found

CVE
added 2024/06/12 3:56 p.m., 70 views

CVE-2024-1891

The CVE-2024-1891 entry describes a stored cross-site scripting vulnerability in Tenable Security Center. An authenticated, remote attacker could inject HTML code into a web application scan result page due to inadequate input handling in the affected component/file. Relevant details show impact c...

CVSS 5.4, AI score 4.6, EPSS 0.00302
CVE
added 2024/02/14 9:39 p.m., 57 views

CVE-2024-1471

CVE-2024-1471 is an HTML injection vulnerability affecting Tenable Security Center (prior to 6.3.0). An authenticated administrator could modify Repository parameters, potentially causing HTML redirection. Impact is described as Medium (per CVSS metrics: AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N or I:L...

CVSS 5.9, AI score 5.7, EPSS 0.00406
CVE
added 2024/02/14 9:35 p.m., 51 views

CVE-2024-1367

Summary: CVE-2024-1367 is a command-injection vulnerability in Tenable Security Center. An authenticated, remote attacker with administrator privileges could modify Logging parameters, potentially executing arbitrary code on the Security Center host. The issue is mitigated by the Security Center ...

CVSS 7.2, AI score 7.3, EPSS 0.01558
CVE
added 2026/02/23 3:17 p.m., 16 views

CVE-2026-2697

CVE-2026-2697 is an IDOR vulnerability in Tenable Security Center prior to 6.8.0 where an authenticated remote attacker can escalate privileges via the owner parameter. Multiple sources (NVD, Red Hat, CVE listings, and Tenable advisory) confirm the issue and its association with Security Center. ...

CVSS 8.8, AI score 5.4, EPSS 0.00205
CVE
added 2026/02/23 4:28 p.m., 16 views

CVE-2026-2698

CVE-2026-2698 is an improper access control vulnerability described across multiple sources as allowing an authenticated user to access areas outside their authorized scope. Connected documents tie the issue to Tenable Security Center (and its 6.8.0 fix) and Red Hat/NVD entries, all noting the sa...

CVSS 7.1, AI score 5.3, EPSS 0.00209