Appliance
Sign in to watchby Tenable
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-8051 | Cri | 0.71 | 9.8 | 0.53 | Apr 21, 2017 | Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands. | |
| CVE-2017-8050 | Hig | 0.49 | 7.5 | 0.00 | Apr 21, 2017 | Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password. | |
| CVE-2017-6543 | Hig | 0.47 | 7.3 | 0.00 | Mar 8, 2017 | Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated privileges on the system (e.g., after a reboot). This issue only affects installations on Windows. |