Skip to main content

Appliance

4 CVEs product

Monthly

CVE-2018-1142 MEDIUM PATCH This Month

Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Appliance
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2017-8051 CRITICAL POC PATCH THREAT Act Now

Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.1%.

Command Injection Appliance
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
53.1%
Threat
5.1
CVE-2017-8050 HIGH PATCH This Week

Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Appliance
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-6543 HIGH This Week

Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Nessus Appliance
NVD
CVSS 3.0
7.3
EPSS
0.3%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Appliance
NVD
EPSS 53% 5.1 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.1%.

Command Injection Appliance
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Appliance
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Nessus +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy