RSS   Vulnerabilities for 'Tenable.sc'   RSS

2021-03-03
 
CVE-2021-20076

CWE-502
 

 
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.

 
2020-12-21
 
CVE-2020-5808

CWE-732
 

 
In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.

 
2020-04-17
 
CVE-2020-5737

CWE-79
 

 
Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.

 

 >>> Vendor: Tenable 10 Products
Nessus
Plugin-set
Web ui
Log correlation engine
Appliance
Securitycenter
Tenable.sc
Nessus amazon machine image
Jira cloud
Nessus agent


Copyright 2021, cxsecurity.com

 

Back to Top