[R1] Nessus 8.0.0 Fixes Multiple Third-party Vulnerabilities

2018-10-23T21:15:12
ID TENABLE:1B5802D1F3C4D2BAAD7D49F212C928A2
Type tenable
Reporter Arnie Cabral
Modified 2018-10-23T21:15:12

Description

Nessus leverages third-party software to help provide underlying functionality. One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers.

Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of these issues in Nessus. Nessus 8.0.0 updates OpenSSL to version 1.0.2p to address the identified vulnerabilities.

Note: The CVSSv2 score used in this advisory reflects CVE-2018-0732, as it is considered the highest risk.