Lucene search
TenableVULNRICHMENT:CVE-2024-0971HistoryFeb 06, 2024 - 11:38 p.m.
CVE-2024-0971
2024-02-0623:38:32
CWE-89
tenable
github.com
3
sql injection
remote attacker
alter db
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
7.9
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.
CNA Affected
[
{
"vendor": "Tenable",
"product": "Nessus",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "10.7.0",
"versionType": "10.7.0"
}
],
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"defaultStatus": "affected"
}
]References
Related
cve
cve
CVE-2024-0971
2024-02-07 00:15:55
cvelist
cvelist
CVE-2024-0971
2024-02-06 23:38:32
prion
prion
Sql injection
2024-02-07 00:15:00
nvd
nvd
CVE-2024-0971
2024-02-07 00:15:55
tenable
tenable
[R1] Nessus Version 10.7.0 Fixes Multiple Vulnerabilities
2024-02-06 16:07:31
openvas
openvas
Tenable Nessus Multiple Vulnerabilities (TNS-2024-01)
2024-02-07 00:00:00
nessus
nessus
Tenable Nessus < 10.7.0 Multiple Vulnerabilities (TNS-2024-01)
2024-02-07 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
7.9
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-0971