RSS   Podatności dla 'Tenable.sc'   RSS

2022-01-14
 
CVE-2022-0130

CWE-94
 

 
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.

 
2021-03-03
 
CVE-2021-20076

CWE-502
 

 
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.

 
2020-12-21
 
CVE-2020-5808

CWE-732
 

 
In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.

 
2020-04-17
 
CVE-2020-5737

CWE-79
 

 
Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.

 

 >>> Vendor: Tenable 10 Produkty
Nessus
Plugin-set
Web ui
Log correlation engine
Appliance
Securitycenter
Tenable.sc
Nessus amazon machine image
Jira cloud
Nessus agent


Copyright 2024, cxsecurity.com

 

Back to Top