Multiple vulnerabilities in Tenable Nessus

Published: 2018-05-16 12:01:53
Severity Low
Patch available YES
Number of vulnerabilities 2
CVE ID CVE-2018-1147
CVE-2018-1148
CVSSv3 4.7 [CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
4.7 [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CWE ID CWE-79
CWE-384
Exploitation vector Network
Public exploit N/A
Vulnerable software Tenable Nessus
Vulnerable software versions Tenable Nessus 7.0.3
Tenable Nessus 7.0.2
Tenable Nessus 7.0.1
Tenable Nessus 7.0.0
Vendor URL Tenable Network Security

Security Advisory

1) Cross-site scripting

Description

The vulnerability allows a remote authenticated attacker to perform cross-site scripting (XSS) attacks.

The weakness exists in '.nessus' files due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Remediation

Update to version 7.1.0.

External links

https://www.tenable.com/security/tns-2018-05

2) Session fixation attack

Description

The vulnerability allows a remote authenticated attacker to perform session fixation attacks on the target system.

The weakness exists due to insufficient session management. A remote attacker can maintain system access after a password change due to session fixation.

Remediation

Update to version 7.1.0.

External links

https://www.tenable.com/security/tns-2018-05

Back to List